There are (at least) 2 methods to permit ARP traffic between only 2 hosts. Vlan Maps & ARP Inspection.
Host 1 (IP: 22.214.171.124 MAC: 0000.0c46.4646)
Host 2 (IP: 126.96.36.199 MAC: 0000.0c64.6464)
Using Vlan Maps
mac access-list extended ARP
permit host 0000.0c46.4646 host 0000.0c64.6464 0x806 0x0
permit host 0000.0c64.6464 host 0000.0c46.4646 0x806 0x0
permit host 0000.0c46.4646 host ffff.ffff.ffff 0x806 0x0
permit host 0000.0c64.6464 host ffff.ffff.ffff 0x806 0x0
deny any any 0x806 0x0
permit any any
vlan access-map VLAN_46_ARP 10
match mac address ARP
vlan filter VLAN_46_ARP vlan-list 46
0x806 is the ethertype for arp packets, ffff.ffff.ffff is the L2 broadcast address used by arp when a host is sending the initial arp request in order to find the mac address of the other host.
Using ARP Inspection
arp access-list VLAN_46_ARP
permit ip host 188.8.131.52 mac host 0000.0c46.4646
permit ip host 184.108.40.206 mac host 0000.0c64.6464
ip arp inspection vlan 46
ip arp inspection filter VLAN_46_ARP vlan 46
The arp access-list includes the mappings between the ip and the mac of each host that should be allowed to send arp packets.