A new intern has joined your team and requires access to Google Compute Engine within your sandbox project to experiment with various settings and launch compute instances for testing purposes. You are tasked with providing this access. What is the most appropriate way to grant the intern access to Compute Engine without exceeding the necessary permissions?