VPC
Virtual Private Cloud: a logically isolated section of the cloud where you launch resources in a virtual network you define. You control its IP ranges, subnets, route tables, and gateways.
What is VPC?
VPC is an intermediate-level concept that sits in the Cloud Infrastructure area of system design. Engineers reach for it whenever they need to reason about real-world trade-offs in that space, not just for textbook correctness, but because real production systems at companies like Netflix, Amazon, and Google make these decisions every day.
Related lessons
Lessons that touch on VPC as part of a larger topic.
VPC Peering
Connecting two VPCs so their resources can communicate using private IP addresses
intermediate · cloud infrastructure
Subnets
Dividing a network into isolated segments for security, organization, and efficiency
intermediate · cloud infrastructure
Internet Gateway
The door between your private cloud network and the public internet
intermediate · cloud infrastructure
Site-to-Site VPN
Permanently connecting your office network to your cloud VPC over encrypted tunnels
intermediate · cloud infrastructure
Transit Gateway
A central hub that connects hundreds of VPCs and on-premises networks without N-squared peering
intermediate · cloud infrastructure
See also
Related glossary terms you might want to look up next.
Cloud Region
A geographic area containing one or more data centers (availability zones). Choosing the right region reduces latency and satisfies data residency requirements.
Zero Trust
A security model that never trusts any request by default, even from inside the network. Every request must be authenticated, authorized, and encrypted regardless of origin.
Availability Zone
An isolated data center within a cloud region, with independent power, cooling, and networking. Deploying across multiple AZs protects against single-facility failures.