Amazon web services – How to fix AWS 403 error "Check your AWS Secret Access Key and signing method" when calling SES listcontacts

I have been stuck for about the past 6 hours at this point I’m thinking the only reasonable explanations are that this is a AWS SDK bug or the error message is wrong.

I am using SESv2 class from the AWS SDK in a JAVA SpringBoot app and attempting to manage various details of my SES (Simple Email Service) account.

import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.sesv2.SesV2Client;
import software.amazon.awssdk.services.sesv2.model.*;

I have created an IAM user, created security credentials, set them up using multiple different methods as described here guid to credentials environment I’ve given full access to SES to this IAM role user. I then wrote some code and I was able to do all of the following,

• Create a contact list
• Delete a contact list
• Create contact
• Create a Topic in a contact list
• Send an email

However, for some unknown reason when I go to test a function I wrote to get a list of contacts so I can test sending an email to multiple contacts I get the following 403 error message,

The request signature we calculated does not match the signature you
provided. Check your AWS Secret Access Key and signing method. Consult
the service documentation for details.

I’ve verified the credentials are correct. I have created a new set of credentials and made the old set inactive. No dice, all the functions listed above still work however the listContacts in the SesV2Client class still fails with the same error. As you can see below I even bypassed the env variables and just hardcoded the key and secret to pull out all the stops, still fails. In the function that fails, I’ve gone over and over the values im passing in they are valid and exist 100% because as I said I can make the other calls in the list above to verify the topics and contact list exists.

private List<Contact> listContactsForSiteUpdatesMailingList() {
try (SesV2Client client = SesV2Client.builder()
            .region(Region.US_EAST_1)
            .credentialsProvider(StaticCredentialsProvider.create(awsCreds))
            .build()){

        TopicFilter topicFilter = TopicFilter.builder().topicName(TOPIC_SITE_UPDATES).useDefaultIfPreferenceUnavailable(true).build();
        ListContactsFilter listContactsFilter = ListContactsFilter.builder().topicFilter(topicFilter).filteredStatus(SubscriptionStatus.OPT_IN).build();
        ListContactsRequest listContactsRequest = ListContactsRequest.builder()
                .contactListName(CONTACT_LIST).filter(listContactsFilter).build();

        ListContactsResponse listContactsResponse = client.listContacts(listContactsRequest);

        return listContactsResponse.contacts();

    } catch (Exception ex) {
        System.out.println("The email was not sent. Error message: "
                + ex.getMessage());
        return null;
    }
}

Whats going on here and how can I get to the bottom of this error?

EDIT:
Looking at AWS Console Users>Access Management and then looking at the user a created I can even verify that there was "programmatic access"

An example of accessing a ContactList with no issues

EDIT 2: My SES account is currently sandboxed. I just wanted to mention the question is this possibly happening because of that? Grasping at straws here.