A company wants to enforce regulations to prevent frequent logins by DevOps engineers to the Amazon EC2 instances, with the added condition that immediate notification must be sent to the security team if any login occurs. What solution would you suggest to meet these requirements?