Your application is hosted on Compute Engine and uses Application Default Credentials to interact with Google APIs. It requires permissions to write data to a specific Cloud Storage bucket. Adhering to Google's best practices, what is the most appropriate action to take?