IGW

Creating an IGW has two impacts

1/ It creates a target for elements in a route table.  This means that egress traffic (from an instance) can be routed to the internet.  However, this takes a specific step: you have to modify a route table.

2/ In addition, and less obvious, is that as soon as you associate an IGW with a VPC, all publicly routable IPv4 addresses (EIPs and auto-assigned IPs) AND all IPv6 addresses are visible on the internet.  Sure, the traffic won’t be routable, but if there are packets of death via the IPv6 stack, instances even in private subnets are still vulnerable.  This is generally terrible!  The only defenses within AWS are security groups and NACLs.  So: even if you are in a private subnet, you should ensure that your security groups don’t allow traffic from the internet (or only allow VPC-level traffic).
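The two points above translate directly into an audit: which route tables actually send traffic to an IGW, and which security groups accept ingress from the whole internet (or from anything outside the VPC), regardless of whether the group happens to sit in a "private" subnet. The following is an added example, not code from the original post. It runs offline over constructed dictionaries that mirror the shape of the EC2 DescribeRouteTables and DescribeSecurityGroups responses; the IDs (`vpc-example`, `igw-example`, `sg-web`, and so on) and CIDRs are made up for the example, and a real run would feed it the output of `aws ec2 describe-route-tables` / `describe-security-groups` instead.

```python
"""Offline audit of IGW exposure in a VPC (added example, constructed data).

- igw_routed_tables(): route tables whose 0.0.0.0/0 or ::/0 (or any) route
  targets an Internet Gateway, with the subnets associated to them.
- internet_open_ingress(): security-group ingress rules whose source CIDR is
  the whole internet, or anything outside the VPC's own address space.
"""
import ipaddress

# Constructed sample data shaped like the EC2 API responses (not a real account).
VPC_CIDRS = ["10.0.0.0/16", "2001:db8::/56"]

ROUTE_TABLES = {
    "RouteTables": [
        {"RouteTableId": "rtb-public", "VpcId": "vpc-example",
         "Associations": [{"SubnetId": "subnet-public"}],
         "Routes": [
             {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"},
             {"DestinationIpv6CidrBlock": "::/0", "GatewayId": "igw-example"},
         ]},
        {"RouteTableId": "rtb-private", "VpcId": "vpc-example",
         "Associations": [{"SubnetId": "subnet-private"}],
         "Routes": [
             {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
             {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"},
         ]},
    ]
}

SECURITY_GROUPS = {
    "SecurityGroups": [
        {"GroupId": "sg-web", "GroupName": "web", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
             "Ipv6Ranges": [{"CidrIpv6": "::/0"}],
             "UserIdGroupPairs": []}]},
        {"GroupId": "sg-db", "GroupName": "db", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
             "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
             "Ipv6Ranges": [{"CidrIpv6": "2001:db8::/56"}],
             "UserIdGroupPairs": [{"GroupId": "sg-web"}]}]},
        {"GroupId": "sg-legacy", "GroupName": "legacy", "IpPermissions": [
            {"IpProtocol": "-1",  # all protocols, all ports
             "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}],
             "UserIdGroupPairs": []}]},
    ]
}


def port_range(perm):
    """Render a permission's port range; protocol -1 means every port."""
    if perm.get("IpProtocol") == "-1":
        return "all"
    return f"{perm.get('FromPort')}-{perm.get('ToPort')}"


def igw_routed_tables(route_tables):
    """Return {route_table_id: [subnet_ids]} for tables with any route to an IGW."""
    exposed = {}
    for rt in route_tables["RouteTables"]:
        targets = [r.get("GatewayId", "") for r in rt["Routes"]]
        if any(t.startswith("igw-") for t in targets):
            subnets = [a["SubnetId"] for a in rt["Associations"] if "SubnetId" in a]
            exposed[rt["RouteTableId"]] = subnets
    return exposed


def internet_open_ingress(security_groups, vpc_cidrs):
    """Return (group_id, protocol, ports, cidr, scope) for ingress rules whose
    source is the whole internet ("internet") or any CIDR not contained in the
    VPC's own ranges ("outside-vpc"). Security-group-to-group references are
    not CIDRs and are therefore not reported."""
    vpc_nets = [ipaddress.ip_network(c) for c in vpc_cidrs]
    findings = []
    for sg in security_groups["SecurityGroups"]:
        for perm in sg["IpPermissions"]:
            sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in sources:
                net = ipaddress.ip_network(cidr)
                if net.prefixlen == 0:
                    scope = "internet"
                elif any(net.version == v.version and net.subnet_of(v) for v in vpc_nets):
                    continue  # VPC-internal source: what the post recommends
                else:
                    scope = "outside-vpc"
                findings.append((sg["GroupId"], perm["IpProtocol"],
                                 port_range(perm), cidr, scope))
    return findings


if __name__ == "__main__":
    for rtb, subnets in igw_routed_tables(ROUTE_TABLES).items():
        print(f"{rtb}: egress via IGW for subnets {subnets}")
    # Reported for every group, public or private subnet alike.
    for finding in internet_open_ingress(SECURITY_GROUPS, VPC_CIDRS):
        print("open ingress:", finding)
```

With the constructed data, only `rtb-public` routes to the IGW, but the audit still flags `sg-legacy` (all protocols from `::/0`) even though nothing forces it to be used in the public subnet, which is exactly the IPv6 case the second point warns about; `sg-db` passes because both of its sources fall inside the VPC's own CIDRs.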
