diff --git a/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_environment.go b/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_environment.go
index 1c2fdfb990..b0c7c2c43d 100644
--- a/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_environment.go
+++ b/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_environment.go
@@ -3,6 +3,7 @@ package codeartsdeploy
 import (
 	"context"
 	"fmt"
+	"log"
 	"strings"
 
 	"github.com/hashicorp/go-multierror"
@@ -437,7 +438,7 @@ func resourceDeployEnvironmentRead(_ context.Context, d *schema.ResourceData, me
 
 	permissionMatrix, err := getDeployEnvironmentPermissionMatrix(client, d.Get("application_id").(string), d.Id())
 	if err != nil {
-		return diag.FromErr(err)
+		log.Printf("[WARN] failed to retrieve environment permission matrix: %s", err)
 	}
 
 	mErr := multierror.Append(nil,
@@ -450,7 +451,7 @@ func resourceDeployEnvironmentRead(_ context.Context, d *schema.ResourceData, me
 		d.Set("instance_count", utils.PathSearch("instance_count", environment, nil)),
 		d.Set("created_by", flattenDeployEnvironmentCreatedBy(environment)),
 		d.Set("permission", flattenDeployEnvironmentPermission(environment)),
-		d.Set("permission_matrix", flattenDeployEnvironmentPermissionMatrix(permissionMatrix.([]interface{}))),
+		d.Set("permission_matrix", flattenDeployEnvironmentPermissionMatrix(permissionMatrix)),
 		d.Set("hosts", hosts),
 		d.Set("proxies", proxies),
 	)
@@ -575,25 +576,28 @@ func flattenDeployEnvironmentPermission(resp interface{}) []interface{} {
 	}
 }
 
-func flattenDeployEnvironmentPermissionMatrix(resp []interface{}) []interface{} {
-	rst := make([]interface{}, 0, len(resp))
-	for _, v := range resp {
-		rst = append(rst, map[string]interface{}{
-			"permission_id": utils.PathSearch("id", v, nil),
-			"role_id":       utils.PathSearch("role_id", v, nil),
-			"role_name":     utils.PathSearch("name", v, nil),
-			"role_type":     utils.PathSearch("role_type", v, nil),
-			"can_view":      utils.PathSearch("can_view", v, nil),
-			"can_edit":      utils.PathSearch("can_edit", v, nil),
-			"can_delete":    utils.PathSearch("can_delete", v, nil),
-			"can_manage":    utils.PathSearch("can_manage", v, nil),
-			"can_deploy":    utils.PathSearch("can_deploy", v, nil),
-			"created_at":    utils.PathSearch("create_time", v, nil),
-			"updated_at":    utils.PathSearch("update_time", v, nil),
-		})
-	}
-
-	return rst
+func flattenDeployEnvironmentPermissionMatrix(respBody interface{}) []interface{} {
+	if resp, isList := respBody.([]interface{}); isList {
+		rst := make([]interface{}, 0, len(resp))
+		for _, v := range resp {
+			rst = append(rst, map[string]interface{}{
+				"permission_id": utils.PathSearch("id", v, nil),
+				"role_id":       utils.PathSearch("role_id", v, nil),
+				"role_name":     utils.PathSearch("name", v, nil),
+				"role_type":     utils.PathSearch("role_type", v, nil),
+				"can_view":      utils.PathSearch("can_view", v, nil),
+				"can_edit":      utils.PathSearch("can_edit", v, nil),
+				"can_delete":    utils.PathSearch("can_delete", v, nil),
+				"can_manage":    utils.PathSearch("can_manage", v, nil),
+				"can_deploy":    utils.PathSearch("can_deploy", v, nil),
+				"created_at":    utils.PathSearch("create_time", v, nil),
+				"updated_at":    utils.PathSearch("update_time", v, nil),
+			})
+		}
+		return rst
+	}
+
+	return nil
 }
 
 func resourceDeployEnvironmentUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
diff --git a/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group.go b/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group.go
index 7be72441bd..fd78205d85 100644
--- a/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group.go
+++ b/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group.go
@@ -307,7 +307,7 @@ func resourceDeployGroupRead(_ context.Context, d *schema.ResourceData, meta int
 
 	permissionMatrix, err := getDeployGroupPermissionMatrix(client, d.Id())
 	if err != nil {
-		return diag.FromErr(err)
+		log.Printf("[WARN] failed to retrieve cluster group permission matrix: %s", err)
 	}
 
 	mErr = multierror.Append(
@@ -322,7 +322,7 @@ func resourceDeployGroupRead(_ context.Context, d *schema.ResourceData, meta int
 		d.Set("updated_at", utils.PathSearch("updated_time", resultRespBody, nil)),
 		d.Set("created_by", flattenDeployGroupCreatedBy(resultRespBody)),
 		d.Set("permission", flattenDeployGroupPermission(resultRespBody)),
-		d.Set("permission_matrix", flattenDeployGroupPermissionMatrix(permissionMatrix.([]interface{}))),
+		d.Set("permission_matrix", flattenDeployGroupPermissionMatrix(permissionMatrix)),
 	)
 
 	return diag.FromErr(mErr.ErrorOrNil())
@@ -390,25 +390,28 @@ func flattenDeployGroupPermission(resp interface{}) []interface{} {
 	}
 }
 
-func flattenDeployGroupPermissionMatrix(resp []interface{}) []interface{} {
-	rst := make([]interface{}, 0, len(resp))
-	for _, v := range resp {
-		rst = append(rst, map[string]interface{}{
-			"role_id":      utils.PathSearch("role_id", v, nil),
-			"role_name":    utils.PathSearch("name", v, nil),
-			"role_type":    utils.PathSearch("role_type", v, nil),
-			"can_view":     utils.PathSearch("can_view", v, nil),
-			"can_edit":     utils.PathSearch("can_edit", v, nil),
-			"can_delete":   utils.PathSearch("can_delete", v, nil),
-			"can_add_host": utils.PathSearch("can_add_host", v, nil),
-			"can_manage":   utils.PathSearch("can_manage", v, nil),
-			"can_copy":     utils.PathSearch("can_copy", v, nil),
-			"created_at":   utils.PathSearch("create_time", v, nil),
-			"updated_at":   utils.PathSearch("update_time", v, nil),
-		})
-	}
-
-	return rst
+func flattenDeployGroupPermissionMatrix(respBody interface{}) []interface{} {
+	if resp, isList := respBody.([]interface{}); isList {
+		rst := make([]interface{}, 0, len(resp))
+		for _, v := range resp {
+			rst = append(rst, map[string]interface{}{
+				"role_id":      utils.PathSearch("role_id", v, nil),
+				"role_name":    utils.PathSearch("name", v, nil),
+				"role_type":    utils.PathSearch("role_type", v, nil),
+				"can_view":     utils.PathSearch("can_view", v, nil),
+				"can_edit":     utils.PathSearch("can_edit", v, nil),
+				"can_delete":   utils.PathSearch("can_delete", v, nil),
+				"can_add_host": utils.PathSearch("can_add_host", v, nil),
+				"can_manage":   utils.PathSearch("can_manage", v, nil),
+				"can_copy":     utils.PathSearch("can_copy", v, nil),
+				"created_at":   utils.PathSearch("create_time", v, nil),
+				"updated_at":   utils.PathSearch("update_time", v, nil),
+			})
+		}
+		return rst
+	}
+
+	return nil
 }
 
 func resourceDeployGroupUpdate(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
diff --git a/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group_permission.go b/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group_permission.go
index f6a0526903..1ddb30ad63 100644
--- a/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group_permission.go
+++ b/huaweicloud/services/codeartsdeploy/resource_huaweicloud_codearts_deploy_group_permission.go
@@ -131,7 +131,7 @@ func resourceDeployGroupPermissionRead(_ context.Context, d *schema.ResourceData
 	expression := fmt.Sprintf("[?role_id=='%s']|[0]", roleId)
 	role := utils.PathSearch(expression, permissionMatrix, nil)
 	if role == nil {
-		return diag.Errorf("unable to find role (%s) from API response", roleId)
+		return common.CheckDeletedDiag(d, golangsdk.ErrDefault404{}, "unable to find role from API response")
 	}
 
 	mErr := multierror.Append(nil,