Permissions
ShareGate Overcast will consume billing data and metrics coming from your Azure subscriptions using a permissions delegation model, so ShareGate Overcast requires that you login with an Organizational (Azure AD) or Personal (Microsoft) user account. ShareGate Overcast can then use the permissions granted and delegated through the consent process to access your Azure resources as the user. That means that it will have the same access on Azure resources as the user who is logged in.
Roles
ShareGate Overcast requires a user with the Reader Azure role definition on your subscriptions. The Reader role only gives access to the control-plane on Azure. As such, this role does not grant any access to your data-plane (i.e. data stored in databases, storage accounts, virtual machines, drives, etc.).
Note: ShareGate Overcast uses the Azure REST APIs to connect on your behalf and perform queries. These queries are performed against the Billing APIs as well as the various resources that are analyzed in order to determine recommendations on how to reduce costs.