Unable to access ECS-hosted app without ALB in AWS - works with load balancer, fails without

Question

I'm trying to access my application without putting an ALB in front. Currently, I have one running instance which has an ALB in front of it. I can access the app perfectly from the internet in that environment. I created a new instance with the same configuration for the cluster, service, task, etc. Except, there's no ALB or Target Group sitting in front. With this setup, I can't access my app. I figure my load balancer is providing some functionality that I don't have without it, but can't pinpoint what that is.

Below are some of the troubleshooting steps I've taken. Also, for context, the container that my app is running on listens on 8080.

Through my browser, I've tried:

• Public IPv4 DNS: ec2-34-238-254-135.compute-1.amazonaws.com
• Public IPv4 DNS with http and port: ec2-34-238-254-135.compute-1.amazonaws.com:8080
• Public IPv4 DNS with https and port: https:ec2-34-238-254-135.compute-1.amazonaws.com:8080
• Used the Public IPv4 instead of the domain name (as if that makes a difference)
• I can SSH

Checked my instance's VPC NACL Inbound rules. Looks fine to me:

Checked the security group for my instance. Looks fine to me:

My instance is in a public subnet. The igw is allowing traffic from everywhere:

The container where my app lives listens on port 8080. My target group point to port 8080 (which verifies were sending a request to the correct port):

I could access the app, I think, when setting the task definition network mode to bridge instead of awsvpc. I really don't want to go back and reconfigure everything so I'd like to try to make it work with awsvpc.

In addition, this SO post seems to suggest that I might need to download a web server on my instance? Any validity to that? Thank you.