Either Lightsail, or just the default VPC that all AWS accounts come with.
If you think your use case needs private/public subnets, NAT, complex routing tables, etc. you can still add that to the default VPC later.
A few years ago, when what we now call EC2 classic was a thing, there were no sophisticated networking options at all. I assume VPC and its services were introduced because customers asked for something that feels like traditional datacenter networking.
This stuff is obviously so hard to use that even the experts don't know wtf they are doing.
At a prev shop, they undersized the VPC had sporadic failures of burst compute like spot instances that got spun up by other AWS services (Batch) to work through job queues. Neither the cloud architect or CloudOps lead could resolve this for months, or even temporarily prevent the breaches, until a big VPC resize / reshuffle / migration over a weekend. Probably $1M/year TC between these two guys. Incredible stuff.
Felt like on-prem kind of stuff that I was reliably told the cloud solved.
If you think your use case needs private/public subnets, NAT, complex routing tables, etc. you can still add that to the default VPC later.
A few years ago, when what we now call EC2 classic was a thing, there were no sophisticated networking options at all. I assume VPC and its services were introduced because customers asked for something that feels like traditional datacenter networking.