You are enhancing a functional automation that utilizes a service account for authentication. Your task is to enable the automation to retrieve files from a Cloud Storage bucket while adhering to your organization's policy of least privilege. What action should you take?