Are EIP's required for internet traffic?

Question

Sorry if this is a dumb question but I can't find any definitive answers. I setup a VPC with a private subnet and a public subnet. THe private subnet has a NAT'd instance to route for internet traffic. The public subnet is configured to go out of the IGW.

-I created a Bastion host to login into SSH
-I created Test instance on private subnet and connect from Bastion Host. Because of the route to the NAT instance and port 80/443 is allowed and ICMP, i can ping and access files on the internet.
-I create instance on public subnet without EIP. Since it has a route to the IGW, shouldn't I have internet access? I created a test security group to allow all traffic from all sources and i still can't ping or get http links.

Answer 1

A public subnet instance with a public DNS name should be accessible over the internet provided you have right VPC security group configured. You do not need an EIP.

Public DNS name of EC2 instance changes when you stop and start the instance. to avoid this, you can assign an EIP to the instance so that the IP address remains same across the instance stop/start cycles.

You need to answer these questions:

1. Does your public subnet instance has a public DNS hostname? Run curl -s http://169.254.169.254/latest/meta-data/public-hostname on your instance to see the public DNS hostname.
2. Do you have VPC security group configured properly to allow incoming internet access ?