Amazon Virtual Private Cloud (VPC) is a customizable and isolated environment within the AWS cloud, allowing users to launch resources in a defined virtual network. It offers complete control over networking, including IP address selection, subnet creation, and security configurations like security groups and network access control lists. Key features include the ability to assign multiple IP addresses, manage network interfaces, and connect to other VPCs through peering, enhancing both security and connectivity.

1. Virtual Private Cloud
•Amazon Virtual Private Cloud (Amazon VPC) provides a logically isolated area of the AWS cloud
where you can launch AWS resources in a virtual network that you define.
•You have complete control over your virtual networking environment, including a selection of your
IP address range, the creation of subnets, and configuration of route tables and network gateways.
•You can easily customize the network configuration for your Amazon Virtual Private Cloud. For
example, you can create a public-facing subnet for web servers that can access to the internet and
can also place your backend system such as databases or application servers to a private-facing
subnet.
•You can provide multiple layers of security, including security groups and network access control
lists, to help control access to Amazon EC2 instances in each subnet.

2. Benefits
 Assign multiple IP addresses to your instances.
 Assign static private IP addresses to your instances that persist across starts and stops.
 Define network interfaces, and attach one or more network interfaces to your instances.
 Change security group membership for your instances while they're running.
 Add an additional layer of access control to your instances in the form of network access control lists (ACL).
 Run your instances on single-tenant hardware

3. Subnet
The practice of dividing a network into two or more networks is called subnetting.
Route Tables
A route table contains a set of rules, called routes, that are used to determine where network traffic from your subnet or
gateway is directed.
Internet Gateway(IGW)
Allows communication between instances in your VPC and the internet.
Nat Gateway
Provides internet to your private instances

4. VPC Peering
 VPC Peering is a networking connection that allows you to connect one VPC with another
VPC through a direct network route using private IP addresses.
 You can peer VPC's with other AWS accounts as well as other VPCs in the same account.
 You can peer between regions. Suppose you have one VPC in one region and other VPC in
another region, then you can peer the VPCs between different regions.

5. NACL(Network Access Control Lists)
 It is a security layer for your VPC that
controls the traffic in and out of one or more
subnets.
 You can set up a Network ACL similar to the
security group that adds an additional layer
of security to your VPC.
 Your custom VPC automatically comes with
the default Network ACL which includes all
inbound and outbound ipv4 traffic.
 Network ACL is associated with both
inbound and outbound rules that can either
deny or allow the rules.