AWS VPC Basics
What is a VPC?
A Virtual Private Cloud (VPC) is a logically isolated network within AWS. It gives you full control over IP ranges, subnets, route tables, and gateways.
Key Components
Subnets
- Public subnet — has a route to an Internet Gateway; hosts resources accessible from the internet
- Private subnet — no direct internet route; hosts databases, backend services
Internet Gateway (IGW)
Attached to a VPC to allow communication between resources in the VPC and the internet.
Route Tables
Control where network traffic is directed. Each subnet is associated with one route table.
| Destination | Target |
|---|---|
| 10.0.0.0/16 | local |
| 0.0.0.0/0 | igw-xxxxxxxx |
Security Groups
Stateful firewall rules at the instance level. Allow rules only — no explicit deny.
NACLs
Stateless firewall rules at the subnet level. Support both allow and deny rules.
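The route-table, security-group and NACL behaviour described above, modelled in a small added Python example (not AWS code, and not from the original post). The route table is the one from the table above; the security-group and NACL rule sets, and the 198.51.100.0/24 source range, are constructed for illustration.

```python
import ipaddress

# Route table from the page (the IGW id is the page's own placeholder).
ROUTES = [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-xxxxxxxx")]

def route_target(dst_ip, routes=ROUTES):
    """Longest-prefix match: the most specific matching route wins, whatever the order."""
    ip = ipaddress.ip_address(dst_ip)
    best = None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None

# Security group: stateful, allow rules only. A reply to an allowed request is
# never evaluated, so nothing here needs to model return traffic.
SG_INBOUND = [("0.0.0.0/0", (443, 443))]  # constructed: HTTPS from anywhere

def sg_allows(src_ip, dst_port, rules=SG_INBOUND):
    ip = ipaddress.ip_address(src_ip)
    return any(ip in ipaddress.ip_network(c) and lo <= dst_port <= hi
               for c, (lo, hi) in rules)

# NACL: stateless, numbered rules checked in ascending order, first match wins,
# implicit "*" deny when nothing matches. Constructed sample rule sets.
NACL_IN = [
    (90,  "deny",  "198.51.100.0/24", (0, 65535)),  # block a constructed source range
    (100, "allow", "0.0.0.0/0",       (443, 443)),
]
NACL_OUT = [
    (100, "allow", "0.0.0.0/0", (1024, 65535)),  # ephemeral ports: replies to clients
]

def nacl_decision(rules, remote_ip, port):
    """Return 'allow' or 'deny' for one packet; evaluation order is the rule number."""
    ip = ipaddress.ip_address(remote_ip)
    for _num, action, cidr, (lo, hi) in sorted(rules):
        if ip in ipaddress.ip_network(cidr) and lo <= port <= hi:
            return action
    return "deny"  # the implicit "*" rule

def https_session_allowed(client_ip, client_port, nacl_in=NACL_IN, nacl_out=NACL_OUT):
    """Stateless: the request must pass inbound AND the reply must pass outbound."""
    return (nacl_decision(nacl_in, client_ip, 443) == "allow"
            and nacl_decision(nacl_out, client_ip, client_port) == "allow")
```

Dropping the outbound ephemeral-port rule makes `https_session_allowed` fail even though the inbound rule still allows the request, which is the usual way a stateless NACL silently breaks a service that a security group would have let through.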
Common Architecture
VPC 10.0.0.0/16
├── Public Subnet 10.0.1.0/24 → IGW → Internet
└── Private Subnet 10.0.2.0/24 → NAT Gateway → Internet (outbound only)