Below is the CloudFormation code creating an EC2 instance in a public subnet, taken from here:

    "EC2Instance":{
        "Type": "AWS::EC2::Instance",
        "Properties":{
            "ImageId": "ami-05958d7635caa4d04",
            "InstanceType": "t2.micro",
            "SubnetId": { "Ref": "SubnetId"},
            "KeyName": { "Ref": "KeyName"},
            "SecurityGroupIds": [ { "Ref": "EC2InstanceSecurityGroup"} ],
            "IamInstanceProfile": { "Ref" : "EC2InstanceProfile"},
            "UserData":{
                "Fn::Base64": { "Fn::Join": ["", [
                    "#!/bin/bash\n",
                    "echo ECS_CLUSTER=", { "Ref": "EcsCluster" }, ">> /etc/ecs/ecs.config\n",
                    "groupadd -g 1000 jenkins\n",
                    "useradd -u 1000 -g jenkins jenkins\n",
                    "mkdir -p /ecs/jenkins_home\n",
                    "chown -R jenkins:jenkins /ecs/jenkins_home\n"
                ] ] }
            },
            "Tags": [ { "Key": "Name", "Value": { "Fn::Join": ["", [ { "Ref": "AWS::StackName"}, "-instance" ] ]} }]
        }
    },

By default, a public IP is getting assigned to the EC2 instance.
How do I make the EC2 instance get only a private IP assigned?
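
One way to declare the instance without a public IP, as an added example that is not part of the original post: the top-level `SubnetId` and `SecurityGroupIds` move into a `NetworkInterfaces` entry (as `SubnetId` and `GroupSet`), because CloudFormation does not accept them alongside `NetworkInterfaces`, and `AssociatePublicIpAddress` is set to `false`. The `UserData` and `Tags` properties from the question carry over unchanged and are left out here for brevity.

```json
{
  "EC2Instance": {
    "Type": "AWS::EC2::Instance",
    "Properties": {
      "ImageId": "ami-05958d7635caa4d04",
      "InstanceType": "t2.micro",
      "KeyName": { "Ref": "KeyName" },
      "IamInstanceProfile": { "Ref": "EC2InstanceProfile" },
      "NetworkInterfaces": [
        {
          "DeviceIndex": "0",
          "SubnetId": { "Ref": "SubnetId" },
          "GroupSet": [ { "Ref": "EC2InstanceSecurityGroup" } ],
          "AssociatePublicIpAddress": false,
          "DeleteOnTermination": true
        }
      ]
    }
  }
}
```

Without a public IP, the instance needs a NAT gateway or VPC endpoints to reach the ECS service that the `UserData` script registers it with. When no `NetworkInterfaces` entry is given, the subnet's `MapPublicIpOnLaunch` attribute decides whether a public IP is assigned.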