I have purchased a domain company.com and created a public sub-domain sales.company.com (a public hosted zone in route 53). I mapped(created A record) sub-domain to an internal application load balancer (ALB) i.e. this ALB can only be accessed within my company network. My understanding was a public sub-domain can be mapped to private internal ALB, but when i am trying to access this public sub-domain it is not reachable from internet and i get "This site can’t be reached". Does ALB has to be a public ALB or is there anything else i need to fix here to make it publicly accessible ?
Since you are using a "public hosted zone in route 53", any A, CNAME or ALIAS record must be made to a public endpoint avaialble over the internet. From docs:
A public hosted zone is a container that holds information about how you want to route traffic on the internet for a specific domain.
Thus your ALB must be publicly available. If you want to keep it as an internal ALB (private), you have to create private hosted zone. This way you can access it only from within a VPC, not over the internet unless you are using VPN.