I've started to accumulate lots of environments and project groups as well as having lots of teams.

Most of the teams have access to the same project group and environments, however the teams will have different roles. As it is now, creating a new project group / environment means having to update all the related teams manually. This procedure is prone to errors.

Why not create something similar to life cycles? But instead of describing the direction of deployment, the security setting describes project group and environment access.

F.ex:
Security View 1 contains access to
4 project groups and 3 associated environments

Security View 2 contains access to
3 project groups and 2 associated environments

Security View 1 is used in Team A and B, while Security View 2 is used in Team B and C.