Virtual Private Cloud (VPC)
A Virtual Private Cloud (VPC) is a logically isolated section of a public cloud provider's network where a customer can launch resources into a private, customer-defined IP address space, with full control over subnets, routing, and…
Definition
A Virtual Private Cloud (VPC) is a logically isolated section of a public cloud provider's network where a customer can launch resources into a private, customer-defined IP address space, with full control over subnets, routing, and network access.
Overview
A VPC gives cloud customers the networking equivalent of their own private data center network, carved out of a public provider's shared infrastructure. Within a VPC, customers define a private IP address range, split it into subnets (often separating public-facing subnets from private, backend-only subnets), configure route tables to control traffic flow, and attach security groups and network access control lists to restrict which traffic is allowed in or out. Every major provider offers this concept under its own name — Amazon VPC on AWS, Virtual Network (VNet) on Azure, and VPC on Google Cloud — and the underlying idea is the same: even though the physical infrastructure is shared across many customers, each VPC is logically isolated, so traffic inside one customer's VPC is invisible to others unless explicitly connected. Resources like EC2 instances, databases, and load balancers are launched inside a VPC's subnets, and connectivity to the outside world — the internet, a corporate network, or another VPC — is controlled explicitly through internet gateways, VPN connections, or peering. VPCs are foundational to almost every other piece of cloud networking: a Cloud VPN or Direct Connect / ExpressRoute link connects a VPC back to on-premises infrastructure for hybrid cloud setups, and VPC peering or transit gateways connect multiple VPCs together in multi-cloud or multi-account architectures. Getting VPC design right — proper subnet segmentation, least-privilege security groups, and controlled egress — is one of the most consequential security decisions in any cloud deployment, and is covered in depth in the Cloud Security course.
Key Concepts
- Logically isolated, customer-defined private IP address space within a public cloud
- Subnets divide the VPC into public-facing and private network segments
- Route tables control how traffic flows between subnets and to the internet
- Security groups and network ACLs enforce fine-grained inbound/outbound rules
- Internet gateways, NAT gateways, and VPN connections control external connectivity
- VPC peering and transit gateways connect multiple VPCs together
- Foundation for hybrid and multi-cloud network architectures
Use Cases
Frequently Asked Questions
From the Blog
Cloud Computing for Beginners: A Complete Guide
A comprehensive guide to cloud computing for beginners: a complete guide — written for learners at every level.
Read More Cloud & CybersecurityAWS vs Azure vs Google Cloud: Which to Learn?
A comprehensive guide to aws vs azure vs google cloud: which to learn? — written for learners at every level.
Read More Cloud & CybersecurityAWS for Beginners: Cloud Computing Fundamentals
Amazon Web Services is the world's most widely used cloud platform. This guide covers the core services every developer needs — EC2 (virtual servers), S3 (storage), IAM (access control), VPC (networking), and RDS (databases) — with practical setup instructions and free tier guidance.
Read More Cloud & CybersecurityInfrastructure as Code Explained: Terraform Basics
Clicking through cloud consoles doesn't scale. Infrastructure as Code (IaC) lets you define, version, and automate your cloud resources in code. This guide explains IaC concepts and walks you through Terraform — the most widely used IaC tool.
Read More