
No validation done when only `PublicIP == true` but public subnet has `MapPublicIPOnLaunch == false`

Open r4f4 opened this issue 1 year ago • 2 comments

/kind bug

What steps did you take and what happened:

  1. Create a shared VPC with private and public subnets, where all public subnets have MapPublicIPOnLaunch == false.
  2. Create an AWSMachine with PublicIP = true and Subnet = nil

What did you expect to happen: CAPA throws an error letting the user know that no public IP will be assigned to the instance.

Instead, what happens is that the machine only has a private IP assigned and cannot talk to the internet, because the internet gateway doesn't provide NAT.

Anything else you would like to add: https://cluster-api-aws.sigs.k8s.io/topics/bring-your-own-aws-infrastructure does not say that having MapPublicIPOnLaunch == true is a requirement for public subnets, even though it expects that. Note that the condition is checked if a subnet ID is set in the AWSMachine spec: https://github.com/kubernetes-sigs/cluster-api-provider-aws/blob/main/pkg/cloud/services/ec2/instances.go#L337-L340

Environment:

  • Cluster-api-provider-aws version: main @ d62768f507f85b25db1e5a74e0e820ed1f8e4414
  • Kubernetes version: (use kubectl version): 1.29
  • OS (e.g. from /etc/os-release): RHCOS

r4f4 avatar Mar 20 '24 14:03 r4f4

This issue is currently awaiting triage.

If CAPA/CAPI contributors determine this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

k8s-ci-robot avatar Mar 20 '24 14:03 k8s-ci-robot

An alternative to https://github.com/kubernetes-sigs/cluster-api-provider-aws/pull/4889 is to set AssociatePublicIPAddress = true in the NetworkInterface of the machine when PublicIP = true but the public subnet doesn't have MapPublicIPOnLaunch == true.

r4f4 avatar Mar 20 '24 15:03 r4f4
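The subnet selection and validation gap described in the issue body, together with the alternative proposed in the last comment, as an added example that is not CAPA's own code: `Subnet` and `PlanInterface` are hypothetical stand-ins, not the project's `SubnetSpec` or `instances.go` logic; the sample VPC is constructed.

```go
package main

import "fmt"

// Subnet holds the two subnet properties this issue hinges on
// (hypothetical type, not CAPA's SubnetSpec).
type Subnet struct {
	ID                  string
	IsPublic            bool
	MapPublicIPOnLaunch bool
}

// PlanInterface picks a subnet for a machine and reports whether the ENI should carry
// AssociatePublicIPAddress=true. With forceAssociate=false it is the strict behaviour the
// reporter expected (an error instead of a silently private instance); with forceAssociate=true
// it is the second comment's alternative, overriding the subnet default on the ENI.
func PlanInterface(publicIP bool, subnetID string, subnets []Subnet, forceAssociate bool) (string, bool, error) {
	var chosen *Subnet
	for i := range subnets {
		s := &subnets[i]
		pinnedMismatch := subnetID != "" && s.ID != subnetID
		wrongTier := subnetID == "" && publicIP && !s.IsPublic // unpinned + public IP => public subnet only
		if !pinnedMismatch && !wrongTier {
			chosen = s
			break
		}
	}
	if chosen == nil {
		return "", false, fmt.Errorf("no suitable subnet for PublicIP=%t", publicIP)
	}
	// By default the ENI inherits the subnet's auto-assign setting; that inheritance is the silent failure.
	associate := chosen.MapPublicIPOnLaunch
	switch {
	case !publicIP, chosen.IsPublic && chosen.MapPublicIPOnLaunch:
		return chosen.ID, associate, nil
	case !chosen.IsPublic:
		return chosen.ID, associate, fmt.Errorf("subnet %s is not public; no public IP can be assigned", chosen.ID)
	case forceAssociate:
		return chosen.ID, true, nil // explicit per-instance override of MapPublicIPOnLaunch=false
	}
	return chosen.ID, associate, fmt.Errorf("public subnet %s has MapPublicIPOnLaunch=false; instance would get no public IP", chosen.ID)
}

func main() {
	subnets := []Subnet{{ID: "subnet-priv"}, {ID: "subnet-pub", IsPublic: true}} // constructed: public subnet without auto-assign
	_, _, err := PlanInterface(true, "", subnets, false)
	id, assoc, _ := PlanInterface(true, "", subnets, true)
	fmt.Println(err, id, assoc)
}
```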