In your organization's development project, the DevOps team requires comprehensive management capabilities over Compute Engine resources, including creating, updating, and deleting Compute Engine instances and related configurations. However, it is crucial to ensure that their permissions are strictly limited to Compute Engine resources, and they must not have the ability to create or modify any other resources within the project. How would you configure their permissions to meet these requirements?