Apparently, you need AWS VPC: Virtual Private Cloud
Here , for example, there is a template from the manufacturer described by cloudformation that creates
something similar to what you need: 2 private networks, 2 public networks (because in 2 AZ)
Access from private networks to the Internet goes through NAT gateway (also an Amazon service) Additionally , you
need to do : access is required only for administration and not for access by various users, such as other developers and support
1. set up a DHCP\DNS server in a private network.
2. register in DHCP options (parameter VPC) your DNS and DHCP servers.
3..???
4. PROFIT!
newly created machines in the VPC will be created with the correct parameters you
need automation - and create everything by hand, but in the case of AWS, the lack of automation will hurt you over time.
PS and where do you run your container? if in lightsail services, then I have not very good news for you: you need to study ecs \ fargate or eks to run it in your private networks, fence ALB \ ELB \ NLB or another balancer on EC2 (nginx, haproxy, etc ..) in order to everything worked and so on and so forth.