We ran into this error when updating a project into the automation node:
It took us some time to figure out what was happening:
When developing the new bundle, we added a recipe with a code env without knowing that the code env was already created in the Automation node by somebody else
We obviously had security rights for that code env in the Design node, but we did not have them in Automation
When updating Automation with that bundle, we ran into the above "Action Forbidden" error without knowing what action was forbidden. It took us time time to identify the code env problem.
It would have been helpful to point out further details on this error to help the user understand what was happening. Overall, there seems to be room for improvement for the management of warnings & errors when deploying a project to Automation (e.g. warnings that are not necessarily relevant to the user).