What is one limitation of an Account Viewer?

The limitation associated with an Account Viewer role primarily revolves around their ability to make changes within the account, specifically regarding user group management. An Account Viewer is designed to provide read-only access to account information, which means they can view a variety of data and analytics without the ability to alter any settings or configurations.

This role is aligned with ensuring that sensitive areas such as user group editing remain secure and exclusively managed by users with higher permissions. Therefore, the inability to edit user groups is a crucial limitation, as it reinforces the principle of least privilege in access management.

While Account Viewers can review invoices and consumption data, as well as access credit card information—provided that such permissions are granted—editing capabilities are reserved for roles with more extensive permissions to protect the integrity and security of user management within the account. This structure helps organizations maintain control over user access and data management within the Dynatrace environment.