You are managing a multi-tier gaming application on Compute Engine. A VM within this stack is managed by another team, dev-1, who has requested SSH access to their VM in your GCP project. Your goal is to ensure dev-1 team members can only access their VM and no other resources in the project. What is the best approach to configure this access?