Reuse ALB when moving from private to public

Currently, I am using AWS Direct Connect.

So, both ALB and Cluster of EKS are in private network.

Now, I want to allow access from outside.

So I change the ALB's subnet to public.

However, it still has no global IP adress.

And Scheme keeps Internal

In this case , I need to make the new ALB or is it possible to change Internal to Internet-facing for re-use ALB

And, the setting like this below is possible?

EKS(in private) - ALB(in public)

I wonder, if it works, what the purpose of setting such as put EKS in public?

Always put EKS in private is best practice?

You basically need to create 2 load balancers: 1 internal facing, 1 external facing. The external load balancer accepts internet traffic whereas the internal load balancer accepts internal traffic, i.e. traffic originating from the VPC or networks connected to the VPC. If your service only needs to be accessed by other services within the cluster, you only need to create a service of type ClusterIP. You should be able to register your service with both load balancers by creating 2 ingress definitions. Each ingress definition will have its own ingressGroup, see https://kubernetes-sigs.github.io/aws-load-balancer-controller/v2.5/guide/ingress/annotations/#ingressgroup for additional information. You could also do this, using the targetGroupBinding CRD but I would try ingress first.

You can't assign a static IP address to an ALB. If you want to use a static IP with an ALB you need to follow this pattern, https://repost.aws/knowledge-center/alb-static-ip.