AWS VPC Networking Explained
What is a VPC?
A Virtual Private Cloud (VPC) is your own isolated network within AWS. You control IP ranges, subnets, routing, and security — like having a private data center in the cloud.
Core Components
| Component | Purpose |
|---|---|
| Subnet | Subdivision of the VPC |
| Route Table | Directs traffic |
| Internet Gateway | Routes traffic between the VPC and the internet; a subnet is only "public" if its route table points 0.0.0.0/0 at one |
| Security Group | Stateful firewall attached to an instance's network interface |
| NACL | Stateless firewall applied to every resource in a subnet |
Public vs Private Subnets
- Public subnet: its route table has a 0.0.0.0/0 route to an Internet Gateway, and an instance still needs a public or Elastic IP to be reachable (web servers, load balancers).
- Private subnet: no route to an Internet Gateway, so nothing on the internet can reach it directly; if it needs outbound access (patching, AWS APIs) that goes through a NAT Gateway or VPC endpoints (databases, application tier).
Typical Architecture
VPC (10.0.0.0/16)
├─ Public Subnet (10.0.1.0/24) → Web servers
└─ Private Subnet (10.0.2.0/24) → Database
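The rule behind the public/private split in the diagram is a routing fact, not a subnet attribute: a subnet is public only if the route table it uses sends 0.0.0.0/0 to an Internet Gateway. The script below, an added example and not code from the original page, classifies subnets that way. It runs over a constructed snapshot in the shape of `aws ec2 describe-subnets` and `aws ec2 describe-route-tables` output with invented IDs (vpc-0example, igw-0example, nat-0example); the NAT Gateway route on the private subnet is an assumption about the usual setup, not something the diagram states.

```python
"""Classify a VPC's subnets as public or private from their route tables.

Added example, not code from the original page. The input is a
constructed, simplified snapshot using the field names of
`aws ec2 describe-subnets` and `aws ec2 describe-route-tables`;
the IDs and CIDRs are invented to match the sample architecture.
"""
import ipaddress

# Constructed sample data: one VPC, a web subnet and a database subnet.
VPC = {"VpcId": "vpc-0example", "CidrBlock": "10.0.0.0/16"}

SUBNETS = [
    {"SubnetId": "subnet-0web", "CidrBlock": "10.0.1.0/24"},
    {"SubnetId": "subnet-0db", "CidrBlock": "10.0.2.0/24"},
]

ROUTE_TABLES = [
    {
        # Explicitly associated with the web subnet: default route to the IGW.
        "RouteTableId": "rtb-0public",
        "Associations": [{"Main": False, "SubnetId": "subnet-0web"}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example"},
        ],
    },
    {
        # Main route table: applies to any subnet with no explicit association.
        # Outbound only, via a NAT Gateway (assumed), so the DB subnet stays private.
        "RouteTableId": "rtb-0main",
        "Associations": [{"Main": True}],
        "Routes": [
            {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
            {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0example"},
        ],
    },
]


def route_table_for(subnet_id, route_tables):
    """An explicit subnet association wins; otherwise the main table applies."""
    main = None
    for rt in route_tables:
        for assoc in rt["Associations"]:
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main


def is_public(route_table):
    """Public means a 0.0.0.0/0 route whose target is an Internet Gateway (igw-*)."""
    return any(
        r.get("DestinationCidrBlock") == "0.0.0.0/0"
        and str(r.get("GatewayId", "")).startswith("igw-")
        for r in route_table["Routes"]
    )


def classify_subnets(vpc, subnets, route_tables):
    """Return ({subnet_id: 'public'|'private'}, findings).

    Findings flag subnets whose CIDR falls outside the VPC block or
    overlaps another subnet; both break the routing model above.
    """
    vpc_net = ipaddress.ip_network(vpc["CidrBlock"])
    result, findings, seen = {}, [], []
    for subnet in subnets:
        net = ipaddress.ip_network(subnet["CidrBlock"])
        if not net.subnet_of(vpc_net):
            findings.append(f"{subnet['SubnetId']} {net} is outside VPC {vpc_net}")
        for other_id, other in seen:
            if net.overlaps(other):
                findings.append(f"{subnet['SubnetId']} {net} overlaps {other_id} {other}")
        seen.append((subnet["SubnetId"], net))
        rt = route_table_for(subnet["SubnetId"], route_tables)
        result[subnet["SubnetId"]] = "public" if rt and is_public(rt) else "private"
    return result, findings


if __name__ == "__main__":
    classes, findings = classify_subnets(VPC, SUBNETS, ROUTE_TABLES)
    for subnet_id, kind in classes.items():
        print(f"{subnet_id}: {kind}")
    for f in findings:
        print("FINDING:", f)
```

Against a real account the same logic applies to the JSON those two CLI commands return; the check worth automating is the negative one: any subnet that classifies as public but was meant to hold databases means someone associated it with the wrong route table.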
Security Layers
Security Groups protect instances (they attach to a network interface); Network ACLs protect subnets (they apply to every resource in the subnet regardless of its Security Group). Using both is defense in depth: an over-permissive Security Group is still bounded by the subnet's NACL, and a NACL is the one place you can write an explicit deny for a known-bad source range.
FAQs
Security Group vs NACL?
Security Groups are stateful (instance level): allow rules only, every rule is evaluated, and return traffic for a connection the group already allowed is permitted automatically. NACLs are stateless (subnet level): numbered allow and deny rules evaluated from the lowest rule number, first match wins, and return traffic must be allowed explicitly, which is why a custom NACL needs an inbound rule for the ephemeral port range (1024-65535) or outbound connections from the subnet silently fail. More in our AWS guides.
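The stateful versus stateless distinction above, and the "defense in depth" point under Security Layers, are easiest to see by evaluating the same packet flow against both. The block below is an added example, not code from the original page: it models NACL evaluation (ascending rule number, first match, implicit deny) and a Security Group with a simplified connection table. Rule field names follow the AWS API (RuleNumber, Protocol, CidrBlock, PortRange, RuleAction), but the rule sets, addresses and the flow-tracking model are constructed for illustration; AWS does not expose its connection table.

```python
"""Model a stateful Security Group beside a stateless NACL.

Added example, not from the original page. Rule fields mirror AWS API
names, but the rules, addresses and connection-tracking model are
constructed for illustration.
"""
import ipaddress


def _rule_matches(rule, peer, port, proto):
    """Shared matcher: protocol ('-1' means all), peer CIDR, destination port."""
    if rule["Protocol"] not in (proto, "-1"):
        return False
    if ipaddress.ip_address(peer) not in ipaddress.ip_network(rule["CidrBlock"]):
        return False
    lo, hi = rule["PortRange"]
    return lo <= port <= hi


def nacl_allows(rules, peer, port, proto="tcp"):
    """NACL semantics: lowest RuleNumber first, first match decides, and the
    implicit '*' rule denies anything unmatched. `peer` is the source address
    for inbound rules and the destination address for outbound rules."""
    for rule in sorted(rules, key=lambda r: r["RuleNumber"]):
        if _rule_matches(rule, peer, port, proto):
            return rule["RuleAction"] == "allow"
    return False


class SecurityGroup:
    """Security Group semantics: allow rules only, all rules evaluated, and a
    reply to a connection the group already allowed passes without a matching
    rule in the reverse direction (stateful). Only outbound-initiated flows are
    tracked here; AWS tracks inbound-initiated ones the same way."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = inbound, outbound
        self.flows = set()  # (peer, peer_port, local_port, proto)

    def egress(self, peer, peer_port, local_port, proto="tcp"):
        if any(_rule_matches(r, peer, peer_port, proto) for r in self.outbound):
            self.flows.add((peer, peer_port, local_port, proto))
            return True
        return False

    def ingress(self, peer, peer_port, local_port, proto="tcp"):
        if (peer, peer_port, local_port, proto) in self.flows:
            return True  # reply to a tracked outbound connection
        return any(_rule_matches(r, peer, local_port, proto) for r in self.inbound)


def rule(num, cidr, ports, action="allow", proto="tcp"):
    return {"RuleNumber": num, "Protocol": proto, "CidrBlock": cidr,
            "PortRange": ports, "RuleAction": action}


# Web-server Security Group: HTTPS in from anywhere, all traffic out (the AWS default outbound rule).
WEB_SG_INBOUND = [rule(0, "0.0.0.0/0", (443, 443))]
WEB_SG_OUTBOUND = [rule(0, "0.0.0.0/0", (0, 65535), proto="-1")]

# Public-subnet NACL, first attempt: HTTPS in, HTTPS plus replies to clients out.
NACL_IN_BROKEN = [rule(100, "0.0.0.0/0", (443, 443))]
NACL_OUT = [rule(100, "0.0.0.0/0", (443, 443)),
            rule(110, "0.0.0.0/0", (1024, 65535))]
# Corrected: replies to the subnet's own outbound connections land on ephemeral ports.
NACL_IN_FIXED = NACL_IN_BROKEN + [rule(110, "0.0.0.0/0", (1024, 65535))]

# Rule order matters in a NACL: a deny numbered after a broader allow never fires.
NACL_IN_SHADOWED = [rule(100, "0.0.0.0/0", (443, 443)),
                    rule(200, "198.51.100.0/24", (443, 443), "deny")]
NACL_IN_ORDERED = [rule(90, "198.51.100.0/24", (443, 443), "deny"),
                   rule(100, "0.0.0.0/0", (443, 443))]

REMOTE = "203.0.113.10"  # constructed: an external HTTPS endpoint such as a package mirror


def sg_outbound_https_works(sg):
    """Instance opens REMOTE:443 from ephemeral port 50000; the reply must get back in."""
    return sg.egress(REMOTE, 443, 50000) and sg.ingress(REMOTE, 443, 50000)


def nacl_outbound_https_works(inbound, outbound):
    request_ok = nacl_allows(outbound, REMOTE, 443)
    reply_ok = nacl_allows(inbound, REMOTE, 50000)  # stateless: the reply is judged on its own
    return request_ok and reply_ok


if __name__ == "__main__":
    sg = SecurityGroup(WEB_SG_INBOUND, WEB_SG_OUTBOUND)
    print("Security Group, outbound HTTPS:", sg_outbound_https_works(sg))
    print("NACL without ephemeral rule:", nacl_outbound_https_works(NACL_IN_BROKEN, NACL_OUT))
    print("NACL with ephemeral rule:", nacl_outbound_https_works(NACL_IN_FIXED, NACL_OUT))
    print("Shadowed deny still allows 198.51.100.7:", nacl_allows(NACL_IN_SHADOWED, "198.51.100.7", 443))
    print("Ordered deny blocks 198.51.100.7:", nacl_allows(NACL_IN_ORDERED, "198.51.100.7", 443))
```

The two failure modes this exposes are the ones that show up in real incidents: a custom NACL without the ephemeral-port inbound rule breaks patching and API calls from the subnet, and a deny rule numbered after the allow it was meant to override does nothing.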
Why use private subnets?
To keep databases and sensitive resources off the public internet. With no route to an Internet Gateway they cannot be reached directly even if a Security Group is accidentally opened to 0.0.0.0/0, and their outbound access can be limited to a NAT Gateway or VPC endpoints so that an attacker who does land on the host has fewer paths out.
