A virtual private cloud (VPC) is a virtual network dedicated to your AWS account. It is logically isolated from other virtual networks in the AWS cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC. You can configure your VPC: you can select its IP address range, create subnets, and configure route tables, network gateways, and security settings. A subnet is a range of IP addresses in your VPC. You can launch AWS resources into a subnet that you select. Use a public subnet for resources that must be connected to the Internet, and a private subnet for resources that won't be connected to the Internet.
If a subnet's traffic is routed to an internet gateway, the subnet is known as a public subnet. If a subnet doesn't have a route to the internet gateway, the subnet is known as a private subnet. If a subnet doesn't have a route to the internet gateway, but has its traffic routed to a virtual private gateway, the subnet is known as a VPN-only subnet.
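The classification above can be checked mechanically from route-table data. The following is an added example, not code from the original page: it assumes input shaped like the `RouteTables` list returned by `aws ec2 describe-route-tables`, uses constructed IDs, and relies on the fact that a subnet with no explicit route-table association uses the VPC's main route table.

```python
# Added example: audit which subnets are public, VPN-only or private.
# All IDs below are constructed sample values, not real resources.

def classify_subnets(subnet_ids, route_tables):
    """Return {subnet_id: 'public' | 'vpn-only' | 'private'}."""
    main, explicit = None, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("Main"):
                main = rt                          # the VPC's main route table
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = rt   # explicit association
    result = {}
    for sid in subnet_ids:
        # Subnets without an explicit association fall back to the main table.
        rt = explicit.get(sid, main) or {}
        # Ignore blackhole routes: their target no longer carries traffic.
        gateways = [r.get("GatewayId", "") for r in rt.get("Routes", [])
                    if r.get("State", "active") == "active"]
        if any(g.startswith("igw-") for g in gateways):
            result[sid] = "public"      # routed to an internet gateway
        elif any(g.startswith("vgw-") for g in gateways):
            result[sid] = "vpn-only"    # no IGW route, routed to a virtual private gateway
        else:
            result[sid] = "private"     # no IGW route
    return result

LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
IGW_DEFAULT = {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"}
VGW_ROUTE = {"DestinationCidrBlock": "192.168.0.0/16", "GatewayId": "vgw-0example", "State": "active"}

SAMPLE_ROUTE_TABLES = [  # constructed sample
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [LOCAL, IGW_DEFAULT]},
    {"RouteTableId": "rtb-vpn",
     "Associations": [{"Main": False, "SubnetId": "subnet-corp"}],
     "Routes": [LOCAL, VGW_ROUTE]},
]

if __name__ == "__main__":
    subnets = ["subnet-web", "subnet-corp", "subnet-db"]
    for sid, kind in classify_subnets(subnets, SAMPLE_ROUTE_TABLES).items():
        print(f"{sid}: {kind}")
```

Because `subnet-db` has no explicit association, adding an internet gateway route to the main route table would silently turn it into a public subnet, which is why audits should resolve the effective route table for every subnet.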