You are tasked with deploying a third-party One Time Password (OTP) application service on Compute Engine. This service will send users an OTP upon sign-up. The application's installation files are stored in Cloud Storage. How can you ensure that only the new instance can access these installation files, without granting access to other already-configured instances?