Your company has deployed all its Cloud Source Repositories in a separate GCP Project. You need to grant developers in the 'dev' Project access to commit code to the 'dev' repository in that Project, adhering to Google’s best practice of least privilege. What is the best way to achieve this?