Techniques for content item instance access control are described herein. A computing service provider may host execution of a plurality of instances of an interactive content item, such as a video game. Each content item instance may be accessible to a respective set of one or more authorized clients that are associated with the respective content item instance and that are authorized to access the respective content item instance. Additionally, in one embodiment, each content item instance may be inaccessible to one or more unauthorized clients, such as clients that are not associated with the respective content item instance and that are not included in the set of authorized clients. By limiting access to a content item instance to authorized clients, the content item instance may be protected from malicious users, such as hackers, DoS and DDos attackers, and other malicious users.