You are deploying applications in Google Kubernetes Engine (GKE) that need secure access to a Cloud Storage bucket on Google Cloud. You want to grant access to the bucket for the containers running in these GKE Pods while keeping management tasks minimal. What approach should you use?