EC2 on Public/Private subnet. Using Session Manager

Create one EC2 instance on a public subnet and an EC2 instance on a private subnet.

Environment

VPC
Two public subnets.
Two private subnets.
One EC2 instance on a public subnet
One EC2 instance on a private subnet
VPC endpoint for Session Manager connection to a private subnet
NAT Gateway
OS: Ubuntu 18.04
The EC2 instances can be logged in with Session Manager instead of SSH. This is more secure than the web-ssh configuration.
Install and start Nginx with the user data.
Build a NAT gateway so that the EC2 instances on the private subnet can access the Internet.

For more information on how to use Session Manager, please refer to the following (AWS official documentation)
Session Manager
How to connect an EC2 instance

« Deploy a Golang application on ECS Fargate EC2 with Autoscaling group »