We have Viewer, Member, Admin roles. Currently, Member role is defined as:

-All in Viewer

-Edit access to all definitions and dashboards in the account

-Blacklist IPs

I want to have an access role, where my team can create reports/dashboards on their own, but they should not be able to make changes to any of the goals and properties that have been defined.