diff --git a/content/operate/rc/api/get-started/_index.md b/content/operate/rc/api/get-started/_index.md
index 3fdc99a6c5..3cf0c9de21 100644
--- a/content/operate/rc/api/get-started/_index.md
+++ b/content/operate/rc/api/get-started/_index.md
@@ -53,7 +53,7 @@ User keys are personal secrets. Do not share them.
{{< /note >}}
Individual owners can [generate multiple user keys]({{< relref "/operate/rc/api/get-started/manage-api-keys.md" >}})
-for themselves, for separate apps, or for other owners within the same account.
+for themselves, for separate apps, or for other owners, viewers, or log viewers within the same account.
Use key names to uniquely associate specific API requests to individual users or apps.
diff --git a/content/operate/rc/api/get-started/enable-the-api.md b/content/operate/rc/api/get-started/enable-the-api.md
index ef39e20f42..c9073ff290 100644
--- a/content/operate/rc/api/get-started/enable-the-api.md
+++ b/content/operate/rc/api/get-started/enable-the-api.md
@@ -31,7 +31,7 @@ To enable the API:
To authenticate REST API calls, you need to combine the API account key with an [API user key]({{< relref "/operate/rc/api/get-started/manage-api-keys#api-user-keys" >}}) to make API calls.
-Only account owners can see the access key in the account settings.
+Only account owners can see the access key in the account settings and give API access to other users.
{{< warning >}}
Make sure that you keep your access keys secret. Anyone who sends an API request with a valid access key can make changes to your account.
diff --git a/content/operate/rc/api/get-started/manage-api-keys.md b/content/operate/rc/api/get-started/manage-api-keys.md
index a7d2494308..c71b0860af 100644
--- a/content/operate/rc/api/get-started/manage-api-keys.md
+++ b/content/operate/rc/api/get-started/manage-api-keys.md
@@ -62,7 +62,7 @@ The key name:
- Must be between 10 and 50 characters long
- Can contain alphanumeric characters, hyphens, and underscores. Spaces are not allowed.
-The user name must have an owner or viewer role.
+The user name must have an owner, viewer, or logs viewer role.
Select **Create** to create the new key.
diff --git a/content/operate/rc/changelog/december-2024.md b/content/operate/rc/changelog/december-2024.md
new file mode 100644
index 0000000000..8cdac56d0e
--- /dev/null
+++ b/content/operate/rc/changelog/december-2024.md
@@ -0,0 +1,21 @@
+---
+Title: Redis Cloud changelog (December 2024)
+alwaysopen: false
+categories:
+- docs
+- operate
+- rc
+description: New features, enhancements, and other changes added to Redis Cloud during
+ December 2024.
+highlights: Logs Viewer API role
+linktitle: December 2024
+weight: 38
+---
+
+## New features
+
+### Logs Viewer role
+
+You can now add a user with the **Logs Viewer** role in the [Access Management]({{< relref "/operate/rc/security/access-control/access-management" >}}) screen. Logs Viewers can only use the [Redis Cloud API]({{< relref "/operate/rc/api" >}}) [`GET logs/`](https://api.redislabs.com/v1/swagger-ui/index.html#/Account/getAccountSystemLogs) endpoint.
+
+See [Team Management roles]({{< relref "/operate/rc/security/access-control/access-management#team-management-roles" >}}) to see an overview of user roles and their permissions.
\ No newline at end of file
diff --git a/content/operate/rc/security/access-control/access-management.md b/content/operate/rc/security/access-control/access-management.md
index 8a7c2ee74c..032ee73449 100644
--- a/content/operate/rc/security/access-control/access-management.md
+++ b/content/operate/rc/security/access-control/access-management.md
@@ -108,24 +108,31 @@ Roles and responsibilities are:
- **Viewer** can view all databases and their configurations, including database secrets.
-This table shows each role's ability to perform common tasks using the Redis Cloud console.
-
-| **Task** | **Owner** | **Billing Admin** | **Manager** | **Member** | **Viewer** |
-|---|---|---|---|---|---|
-| Access management | ✅ Yes | ❌ No | ❌ No | ❌ No | ❌ No |
-| Account settings | ✅ Yes | ✅ Yes[1](#table-note-1) | ❌ No | ❌ No | ❌ No |
-| Billing & payments | ✅ Yes | ✅ Yes | ❌ No | ❌ No | ❌ No |
-| Create subscription | ✅ Yes | ❌ No | ✅ Yes | ❌ No | ❌ No |
-| Edit subscription | ✅ Yes | ✅ Yes[2](#table-note-2) | ✅ Yes | ❌ No | ❌ No |
-| Create database (affects cost) | ✅ Yes | ❌ No | ✅ Yes | ❌ No | ❌ No |
-| Edit database (affects cost) | ✅ Yes | ❌ No | ✅ Yes | ❌ No | ❌ No |
-| Create database (no cost impact) | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | ❌ No |
-| Edit database (no cost impact) | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | ❌ No |
-| View subscription | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes |
-| View database | ✅ Yes | ✅ Yes[3](#table-note-3) | ✅ Yes | ✅ Yes | ✅ Yes |
+- **Logs viewer** can not access the Redis Cloud console. They are only allowed access to the [Redis Cloud API]({{< relref "/operate/rc/api" >}}) [`GET logs/`](https://api.redislabs.com/v1/swagger-ui/index.html#/Account/getAccountSystemLogs) endpoint.
+
+This table shows each role's ability to perform common tasks.
+
+| **Task** | **Owner** | **Billing Admin** | **Manager** | **Member** | **Viewer** | **Logs Viewer** |
+|---|---|---|---|---|---|---|
+| Access management | ✅ Yes | ❌ No | ❌ No | ❌ No | ❌ No | ❌ No |
+| Account settings | ✅ Yes | ✅ Yes[1](#table-note-1) | ❌ No | ❌ No | ❌ No | ❌ No |
+| Billing & payments | ✅ Yes | ✅ Yes | ❌ No | ❌ No | ❌ No | ❌ No |
+| Create subscription | ✅ Yes | ❌ No | ✅ Yes | ❌ No | ❌ No | ❌ No |
+| Edit subscription | ✅ Yes | ✅ Yes[2](#table-note-2) | ✅ Yes | ❌ No | ❌ No | ❌ No |
+| Create database (affects cost) | ✅ Yes | ❌ No | ✅ Yes | ❌ No | ❌ No | ❌ No |
+| Edit database (affects cost) | ✅ Yes | ❌ No | ✅ Yes | ❌ No | ❌ No | ❌ No |
+| Create database (no cost impact) | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | ❌ No | ❌ No |
+| Edit database (no cost impact) | ✅ Yes | ❌ No | ✅ Yes | ✅ Yes | ❌ No | ❌ No |
+| View subscription | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No |
+| View database | ✅ Yes | ✅ Yes[3](#table-note-3) | ✅ Yes | ✅ Yes | ✅ Yes | ❌ No |
+| Use the [REST API]({{< relref "/operate/rc/api" >}}) | ✅ Yes | ❌ No | ❌ No | ❌ No | ✅ Yes[4](#table-note-4) | ✅ Yes[5](#table-note-5) |
1. Billing Admins can only edit the account billing address in Account Settings.
2. Billing Admins can only change the payment method when editing a subscription.
3. Billing Admins can see the list of databases, but can not see database details, including connection details.
+
+4. Viewers can use the REST API for GET requests, but can not modify subscription or database details.
+
+5. Logs viewers can only use the [`GET logs/`](https://api.redislabs.com/v1/swagger-ui/index.html#/Account/getAccountSystemLogs) endpoint of the REST API.