Hi there, we are seeing a 403 error on the /environments resource when using a custom role. This article suggests that you can not add the /environments resource as a permission to a custom role (only Apigee can do this) however this makes no sense given it spits out an error in the UI.
Given the UI is calling /environments directly there is no way to create a custom role that won't ping up ugly errors in the UI. Note that this is for cloud only - on-prem should be fine.
The orgadmin role has the permission get on the /environments resource but it is not possible to add that to a custom role.
If anyone is still encountering this issue, add a trailing slash to the resource and that should work.
"path": "/environments/"
and
"path": "/environments/*/"
Thanks for that tip.