How to expose an EC2 to the internet on AWS?

I want to expose an EC2 service behind an ALB. The flow looks like:

User -> Route53(Domain) -> ALB -> EC2

Which subnet should the EC2 exist in? The private or the public? And in this case, is an EIP necessary?


If you want your EC2 instance to be accessible from the internet via IP, then you would need to configure your subnet to assign public IP addresses.

If you want the IP to be static (e.g. if you reboot the instance the IP would remain the same), then you would need to attach an EIP.

If the instance is in the private subnet, then it will only be accessible from instances within the same VPC.

But if your goal is to have internet access in the EC2 instances so you could download updates etc., I would suggest looking into "Internet Gateways". Then your EC2 instances would have access to the internet, but you would not be able to SSH into it directly using the internet gateway IP.

So if your goal is to connect directly to the instance using a public IP, then it needs to be in your public subnet so it would have a public IP address.
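
To check which of the cases discussed above an instance actually falls into, the following added example (not part of the original question or answer) classifies an instance from data shaped like boto3's EC2 `describe_*` responses. The function names, IDs and addresses are constructed for illustration, and the "alb-only" case assumes the instance's security group admits traffic only from the load balancer's security group.

```python
# Added example. Inputs are dicts shaped like boto3 EC2 describe_* responses
# (port fields omitted); every ID and address below is constructed sample data.

def route_table_for(subnet_id, route_tables):
    """Explicitly associated route table, else the VPC's main route table."""
    explicit = [rt for rt in route_tables
                if any(a.get("SubnetId") == subnet_id for a in rt["Associations"])]
    main = [rt for rt in route_tables
            if any(a.get("Main") for a in rt["Associations"])]
    return (explicit or main or [{"Routes": []}])[0]

def subnet_is_public(subnet_id, route_tables):
    """Public subnet: default route points at an internet gateway (igw-...)."""
    return any(r.get("DestinationCidrBlock") == "0.0.0.0/0"
               and r.get("GatewayId", "").startswith("igw-")
               for r in route_table_for(subnet_id, route_tables)["Routes"])

def classify(instance, route_tables, sgs_by_id, alb_sg_id):
    """Return 'direct', 'alb-only' or 'vpc-internal' for one instance."""
    perms = [p for g in instance["SecurityGroups"]
             for p in sgs_by_id[g["GroupId"]]["IpPermissions"]]
    world = any(r.get("CidrIp") == "0.0.0.0/0"
                for p in perms for r in p.get("IpRanges", []))
    from_alb = any(pair.get("GroupId") == alb_sg_id
                   for p in perms for pair in p.get("UserIdGroupPairs", []))
    reachable = ("PublicIpAddress" in instance
                 and subnet_is_public(instance["SubnetId"], route_tables))
    if reachable and world:
        return "direct"  # public IP, public subnet, and a rule open to 0.0.0.0/0
    return "alb-only" if from_alb else "vpc-internal"

ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-public"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
]
SGS = {
    "sg-alb": {"IpPermissions": [{"IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    "sg-app": {"IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-alb"}]}]},
    "sg-open": {"IpPermissions": [{"IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
}
BEHIND_ALB = {"SubnetId": "subnet-private", "SecurityGroups": [{"GroupId": "sg-app"}]}
EXPOSED = {"SubnetId": "subnet-public", "PublicIpAddress": "203.0.113.10",
           "SecurityGroups": [{"GroupId": "sg-open"}]}

if __name__ == "__main__":
    for name, inst in (("behind-alb", BEHIND_ALB), ("exposed", EXPOSED)):
        print(name, classify(inst, ROUTE_TABLES, SGS, "sg-alb"))
```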