Usually, the HTTP 401 is a response related to an issue in the authentication process in the code due to invalid, missing or expired tokens.
Codes shared by @guillaume has similar logic from the official doc / GitHub and should work (but I guess not in this case).
Below steps / alternatives might be worth double checking:
Ensure that the service account has the cloud run invoker role
Apply troubleshooting:
Make sure that your requests include an Authorization: Bearer ID_TOKEN header, and that the token is an ID token, not an access or refresh token.
Redeploy your function to allow unauthenticated invocations if this is supported by your organization. This is useful for testing.
Explore generating tokens manually
Could you share the link referencing that Serverless VPC Access connector is a potential cause?
As a last resort, you can reach out to the paid support for detailed troubleshooting of the issue with Cloud Run functions specialist.