To keep it very simple, For any two programs to communicate with each other over a network, you need two things

1. IP Address
2. Port Number

Consider you have two EC2 instances. Lets name them

1. Instance1
2. Instance2

On each of these instances, you must be having some programs between which you want the communication to take place. Also, these programs must be running on a PORT of the instance. For example, tomcat instance runs on port 8080 by default. Lets name our programs:-

1. Program1 (program running on Instance1), running on port 1000
2. Program2 (program running on Instance2), running on port 2000

Let us first talk about Program1 running on port 1000 of Instance1.

1. Log onto AWS Console
2. Click on EC2 Service
3. In the left panel, click on Security Groups
4. Click on the button Create Security Group
5. An overlay will open.
6. Put-in the name and description of your choosing
7. Click on the tab Inbound and click on Add Rule
8. Here, you are adding which port should accept connections.
9. Set the following details:-
   
   -Type: Custom TCP Rule
   -Protocol: TCP
   -Port Range: 1000 [Or any other port on which your program runs]
   -Source: External IP from where Program1 can be accessed. It can be "Everywhere", "My IP" or a "Custom IP"
   
10. Click on the tab Outbound and click on Add Rule
11. Repeat Step 9, if you want outbound communication.

Repeat these steps on Instance2 and you will be good to go.

Well , you can launch the instances in a amazon VPC , then infront of your App server you can place a Load balancer for traffic. The VPC must have a internet gateway attached to it as well. To access the whole VPC , you can create a jumpbox/bastion host.

Based on your "Ec@ Scenario" image, you can add your "application server" & "backend server" under respective load balancer & can communicate with each other using LB name/end-point url. This would ensure, even if the underling EC2 instance shutdown/re-instanced, the communication won't break.