Security Groups act as virtual firewalls for your virtual servers, allowing you to configure both inbound and outbound traffic rules that regulate access to the servers on a per-instance basis. This provides the precise control necessary for the scenario described. In contrast, network ACLs are more coarse and are used to control traffic at the subnet level rather than the instance level. VPC peering connections and VPC endpoints are used for networking purposes but do not provide security features that control access to individual server instances.