A security engineer must grant a service account permission to read objects from a single Cloud Storage bucket without granting project-wide access. What is the most appropriate approach?
A security engineer must grant a service account permission to read objects from a single Cloud Storage bucket without granting project-wide access. What is the most appropriate approach?