To adhere to Google Cloud's best practices for security, which role should be assigned to a user who needs to stop a Cloud Dataproc cluster, instantiate workflow templates, and perform other common user tasks?