Users, Permissions And Approvals

GTM separates account access from container access, and container roles range from read-only up to publish. The principle is least privilege: give people the lowest level that lets them do their job.

A typical setup

• View for stakeholders who only need to look.
• Edit for people who build but should not publish.
• Approve / Publish for a small, trusted group.

Restricting who can publish creates a natural review gate, especially important because a Custom HTML tag can run arbitrary code on every page. Treat publish rights as a responsibility, not a default.