They're complete opposites:
AmbientCapabilities
grants capabilities that the process normally wouldn't have started with.
CapabilityBoundingSet
limits capabilities the process is allowed to obtain. It doesn't grant any.
For your task, it is enough to set AmbientCapabilities to grant the privileges – the bounding set already allows everything by default, so there's no need to change the it.
Instead, the latter is meant to be a security hardening feature. Even if the service literally runs as root (uid 0) – or calls a setuid-root program like 'su' or 'sudo' – it can never gain any privileges that aren't in its bounding set.
But you can (and perhaps should) set both if you're sure your service won't be directly running anything that needs higher privileges.