Step 3: Control User Session Access to Instances