VPC(Virtual Private Cloud)は、AWS内のあなた自身の分離された仮想ネットワークです。ここでリソース(EC2インスタンスなど)をIPレンジ、サブネット、ルーティング、セキュリティを制御して起動します。AWSリソースのネットワーク基盤です。
VPCとは
A VPC is a logically ISOLATED virtual network in AWS that YOU control:
→ define your IP address range (CIDR block, e.g. 10.0.0.0/16)
→ divide it into SUBNETS; control ROUTING and security
→ your resources (EC2, RDS, etc.) live inside it, isolated from other networks
→ Like having your own private network in the cloud.
主要なコンポーネント
SUBNET → a segment of the VPC's IP range, placed in one Availability Zone:
PUBLIC subnet → has a route to the internet (via an Internet Gateway) — for
public-facing resources (web servers, load balancers)
PRIVATE subnet → NO direct internet route — for backend resources (databases, app
servers) that shouldn't be publicly reachable
INTERNET GATEWAY → connects the VPC to the internet (for public subnets)
NAT GATEWAY → lets PRIVATE subnet resources reach OUT to the internet (e.g. updates)
without being reachable FROM the internet
ROUTE TABLES → control where traffic goes
SECURITY GROUPS / NACLs → firewalls controlling traffic to resources/subnets
