AccessDeniedException when using CLI aws cloud9 update-environment --environment-id $C9_PID --managed-credentials-action DISABLE

I am doing this command from my cloud9 environment. I am logged in as owner of the cloud9 environment. I am using aws-cli/2.7.20

ec2-user:~/environment $ aws cloud9 update-environment  --environment-id $C9_PID --managed-credentials-action DISABLE
An error occurred (AccessDeniedException) when calling the UpdateEnvironment operation: arn:aws:sts::233287386565:assumed-role/cst438-cloud9-containers-role/i-02aef2188aaf75d2e isn't allowed to manage credentials because they're not the environment owner

But I am the environment owner. After receiving this error I do

aws cloud9 describe-environments --environment-id 18f34fb0bdd8451ba008fe7ac2c74093
{
    "environments": [
        {
            "id": "18f34fb0bdd8451ba008fe7ac2c74093",
            "name": "cst438",
            "description": "",
            "type": "ec2",
            "connectionType": "CONNECT_SSH",
            "arn": "arn:aws:cloud9:us-west-2:233287386565:environment:18f34fb0bdd8451ba008fe7ac2c74093",
            "ownerArn": "arn:aws:iam::233287386565:root",
            "lifecycle": {
                "status": "CREATED"
            },
            "managedCredentialsStatus": "DISABLED_BY_OWNER"
        }
    ]
}

which shows the command did successfully disable the managed credentials status. So why the exception message?

David