Jatuphon Benjamitr:
Hi all, I didn't understand VPC and subnet. Can anyone explain them to me, please?
Al West:
A VPC (Virtual Private Cloud) is a virtual network in a cloud environment where you can launch and manage resources in an isolated space.
A subnet is a range within that VPC, splitting the VPC’s IP address range into smaller segments, allowing you to organise resources and control access.
Deepak Kumar:
I can give you an example. Suppose you are working in a startup company named XYZ. The XYZ company will have its own server and internet connection, and only the users of that company can have access to these services; it means no other company will enter the XYZ network. Similarly, in the cloud, if you want to have your own isolated network space where you can deploy your servers, then we use a VPC for it.
Manoj Kumar:
@Jatuphon Benjamitr Check out this one, buddy.
https://media.licdn.com/dms/image/C4E22AQGJfdT1ouwrNg/feedshare-shrink_2048_1536/0/1666092057796?e=1698883200&v=beta&t=XG-NljyAbfK46g_wlDya44P7pebADkiZIvWX7OojywM
- Client: This is the end-user or system trying to access resources within AWS.
- VPC (Virtual Private Cloud): Think of VPC as a private section of the AWS cloud where you can place your resources (like EC2 instances). It’s like a gated community where you decide who gets in or out.
- Subnet: Within your VPC, you can have subnets, which are like smaller sections or plots of land in your gated community. Each subnet resides in a specific Availability Zone (AZ) for redundancy and high availability.
- Route: This is like the road system within your gated community (VPC). It determines how traffic should flow between subnets, between the VPC and the internet, or to other VPCs. The rules for this traffic are defined in a Route Table.
- NACL (Network Access Control List): Think of NACLs as the security guards at the entrances of your subnets. They check traffic coming in and out of a subnet and allow or deny based on rules you’ve set. They operate at the subnet level and evaluate traffic based on source and destination IP addresses and ports.
- Security Group: This is like the security system for individual houses (EC2 instances) within your gated community. It controls inbound and outbound traffic for the instances. Unlike NACLs, security groups are stateful, meaning if you allow an incoming request from an IP, the response is automatically allowed, regardless of outbound rules.
- EC2 (Elastic Compute Cloud): This is like a house in your gated community. It’s a virtual server where you can run applications. When a client wants to access this house, they must pass through the VPC’s roads (Routes), get checked by the subnet’s security guards (NACLs), and then get permission from the house’s security system (Security Group).
So, in a simplified flow:
Client –> VPC (gated community) –> Subnet (plot of land) –> Checked by NACL (security guard) –> EC2 (house) with its own Security Group (house security system).