At a startup, all developers require uniform access to all Google Cloud projects within the organization, limited to Compute Engine, Cloud Functions, and Cloud SQL for security reasons. What is the most efficient method to implement this security policy?