Virtual Private Cloud (VPC)

Your own private slice of the cloud. A VPC is an isolated network where you define the IP ranges, subnets, route tables, and gateways. It's the foundation of cloud security.

đŸ—ī¸ The Building Blocks

1. The House (VPC)

The outer boundary. Usually defined by a large CIDR block like 10.0.0.0/16. Nothing gets in or out without a door.

2. The Rooms (Subnets)

Smaller slices of the VPC (e.g., 10.0.1.0/24). You group resources here based on security needs (Public vs Private).

3. The Map (Route Table)

The logic. It tells traffic where to go.
"Traffic for 10.0.0.0/16 goes local. Traffic for 0.0.0.0/0 goes to the Internet Gateway."

4. The Doors (Gateways)

IGW (Internet Gateway): The front door. Two-way traffic.
NAT Gateway: The one-way valve. Lets internal systems open connections out to the internet (and receive the replies), but blocks connections initiated from outside.

đŸ•šī¸ The "Packet Plumber" Game

Scenario: You have a Database in a Private Subnet. It needs to download updates from the internet.
Mission: Configure the Route Table to let it connect safely.

Private Subnet Route Table
10.0.0.0/16 ➔ local
0.0.0.0/0 (Internet) ➔ ?

[Interactive diagram: ☁️ Internet, 🚪 IGW, 🛡️ NAT GW; inside the VPC, a 🔒 Private Subnet containing the 🗄️ database. Status: "Waiting for configuration..."]
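The route-table logic from "The Map" and the puzzle above, as an added example that is not part of the original page: a small resolver that picks a route by longest-prefix match (the rule VPC route tables follow), plus a defender's audit that flags a "private" subnet whose default route points at the two-way IGW door. The route tables, the target names "nat-gw" and "igw", and the sample addresses are constructed for this example; the private table's default route goes to the NAT Gateway, which is the one-way valve the page describes for internal systems that need to talk out.

```python
import ipaddress

# Constructed route tables for the scenario above (target names "nat-gw"
# and "igw" are assumptions; the public subnet is included for comparison).
PRIVATE_SUBNET_ROUTES = {
    "10.0.0.0/16": "local",   # stay inside the house
    "0.0.0.0/0": "nat-gw",    # one-way valve: updates out, no doors in
}
PUBLIC_SUBNET_ROUTES = {
    "10.0.0.0/16": "local",
    "0.0.0.0/0": "igw",       # two-way front door
}


def resolve_route(route_table, destination):
    """Pick the target for `destination` by longest-prefix match, the rule a
    VPC route table applies when several routes cover the same address."""
    dst = ipaddress.ip_address(destination)
    best = None
    for cidr, target in route_table.items():
        net = ipaddress.ip_network(cidr)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    if best is None:
        raise ValueError(f"no route for {destination}")
    return best[1]


def audit_private_subnet(route_table):
    """Defender's check for a subnet that is meant to be private.
    Returns a list of findings; an empty list means the table is clean."""
    findings = []
    default = route_table.get("0.0.0.0/0")
    if default == "igw":
        findings.append("default route 0.0.0.0/0 -> igw: two-way door on a private subnet")
    elif default is None:
        findings.append("no default route: instances cannot reach the internet for updates")
    return findings


if __name__ == "__main__":
    for ip in ("10.0.1.25", "93.184.216.34"):   # constructed sample destinations
        print(ip, "->", resolve_route(PRIVATE_SUBNET_ROUTES, ip))
    print("private subnet audit:", audit_private_subnet(PRIVATE_SUBNET_ROUTES) or "clean")
    print("public table audited as private:", audit_private_subnet(PUBLIC_SUBNET_ROUTES))
```

Run it as a script to see the two lookups and the audit; the audit is the check to keep around, since a private subnet silently acquiring an `igw` default route is the configuration drift that turns "nothing gets in" into "anything gets in".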

âš”ī¸ Firewalls: The Double Layer

| Feature  | Security Group (SG)                    | Network ACL (NACL)                       |
|----------|----------------------------------------|------------------------------------------|
| Protects | The Instance (Server)                  | The Subnet (Neighborhood)                |
| State    | Stateful (Return traffic auto-allowed) | Stateless (Must explicitly allow return) |
| Rules    | Allow rules only                       | Allow AND Deny rules                     |
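The stateful-versus-stateless difference in the table above, as an added example that is not part of the original page: a small simulator with two firewall models, a Security Group that remembers admitted connections and waves their replies through, and a Network ACL that judges every packet on its own against ordered allow/deny rules. The addresses, ports, rule sets and the `web_request_and_reply` exchange are constructed for this example; the models follow the table's three rows rather than any cloud provider's API.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    inbound: bool  # True when the packet enters the protected instance/subnet


@dataclass(frozen=True)
class Rule:
    cidr: str               # peer address range the rule applies to
    port_from: int          # destination port range (inclusive)
    port_to: int
    action: str = "allow"   # NACLs may also say "deny"; SGs are allow-only

    def matches(self, peer_ip, dport):
        in_cidr = ipaddress.ip_address(peer_ip) in ipaddress.ip_network(self.cidr)
        return in_cidr and self.port_from <= dport <= self.port_to


def _peer(pkt):
    # The other side of the flow: source for inbound, destination for outbound.
    return pkt.src if pkt.inbound else pkt.dst


class SecurityGroup:
    """Stateful and allow-only: once a packet is admitted the connection is
    remembered, and its return traffic passes without consulting any rule."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = list(inbound), list(outbound)
        self.connections = set()

    def permits(self, pkt):
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return True  # reply to a tracked connection
        rules = self.inbound if pkt.inbound else self.outbound
        if any(r.action == "allow" and r.matches(_peer(pkt), pkt.dport) for r in rules):
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        return False  # implicit deny: an SG cannot express an explicit deny


class NetworkAcl:
    """Stateless: every packet, the reply included, is judged on its own
    against ordered allow/deny rules; first match wins, otherwise deny."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = list(inbound), list(outbound)

    def permits(self, pkt):
        rules = self.inbound if pkt.inbound else self.outbound
        for r in rules:
            if r.matches(_peer(pkt), pkt.dport):
                return r.action == "allow"
        return False


def web_request_and_reply(firewall):
    """Constructed exchange: client 203.0.113.5 connects to web server
    10.0.1.10 on 443, and the server answers on the client's ephemeral port.
    Returns (request_allowed, reply_allowed)."""
    request = Packet("203.0.113.5", 51000, "10.0.1.10", 443, inbound=True)
    reply = Packet("10.0.1.10", 443, "203.0.113.5", 51000, inbound=False)
    return firewall.permits(request), firewall.permits(reply)


HTTPS_IN = Rule("0.0.0.0/0", 443, 443)
EPHEMERAL_OUT = Rule("0.0.0.0/0", 1024, 65535)   # only the stateless layer needs this
BLOCK_NET = Rule("203.0.113.0/24", 0, 65535, "deny")  # a deny only a NACL can express


if __name__ == "__main__":
    print("SG, inbound 443 only:     ", web_request_and_reply(SecurityGroup([HTTPS_IN], [])))
    print("NACL, inbound 443 only:   ", web_request_and_reply(NetworkAcl([HTTPS_IN], [])))
    print("NACL, plus ephemeral out: ", web_request_and_reply(NetworkAcl([HTTPS_IN], [EPHEMERAL_OUT])))
    print("NACL, deny listed first:  ",
          web_request_and_reply(NetworkAcl([BLOCK_NET, HTTPS_IN], [BLOCK_NET, EPHEMERAL_OUT])))
```

The second run is the classic NACL mistake: the request is admitted but the reply is dropped because nothing allows outbound traffic to the client's ephemeral port, which is exactly what "Must explicitly allow return" in the table means. The last run shows the other side of statelessness: a deny has to be written in both directions to be complete, and it has to sit ahead of the broader allow because the first matching rule wins.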