Your organization has two separate teams : a networking team and an application development team . The development team deploys applications on Compute Engine instances that contain confidential data . They require admin-level access to manage Compute Engine resources. Meanwhile, the company enforces a policy where all networking components must be controlled by the networking team . The development team wants to ensure that the networking team cannot access sensitive instance data . How should you design the Google Cloud environment to meet these requirements?