A VPC (Virtual Private Cloud) is your own isolated virtual network inside AWS, where you launch resources (such as EC2 instances) while controlling IP ranges, subnets, routing and security. It is the networking foundation for AWS resources.
What is a VPC
A VPC is a logically ISOLATED virtual network in AWS that YOU control:
→ define your IP address range (CIDR block, e.g. 10.0.0.0/16)
→ divide it into SUBNETS; control ROUTING and security
→ your resources (EC2, RDS, etc.) live inside it, isolated from other networks
→ Like having your own private network in the cloud.
Main components
SUBNET → a segment of the VPC's IP range, placed in one Availability Zone:
PUBLIC subnet → has a route to the internet (via an Internet Gateway) — for public-facing resources (web servers, load balancers)
PRIVATE subnet → NO direct internet route — for backend resources (databases, app servers) that shouldn't be publicly reachable
INTERNET GATEWAY → connects the VPC to the internet (for public subnets)
NAT GATEWAY → lets PRIVATE subnet resources reach OUT to the internet (e.g. updates) without being reachable FROM the internet
ROUTE TABLES → control where traffic goes
SECURITY GROUPS / NACLs → firewalls controlling traffic to resources/subnets
