Scenario: Your web application runs on several VM instances within a VPC. You need to restrict communication between instances to specific paths and ports without relying on static IP addresses or subnets, as the application can autoscale. Question: How should you configure restrictions to ensure secure communication between VM instances in a scalable way?