Learning AWS VPC from Scratch: What I Did and What I Learned

Ankit Rawat

Introduction

I recently decided to dive into cloud computing and started with AWS. One of the first and most confusing concepts I encountered was VPC – Amazon's Virtual Private Cloud. In this post, I’ll share how I learned it step by step.

Prerequisites

Before jumping into VPC, I recommend having a basic understanding of the following:

Basics of Some AWS Services:

  • EC2 (Elastic Compute Cloud)

  • Security Groups

Basics of Networking Concepts:

  • IP Addressing (Public and Private IPs)

  • CIDR (Classless Inter-Domain Routing)

Why I Wanted to Learn AWS VPC

I wanted to learn VPC because it’s the foundation of secure cloud architecture. Without understanding VPC, deploying any secure, scalable, or high-availability application on AWS becomes confusing and risky. Knowing VPC is like understanding the road map—it gives structure and clarity.

How I Started Learning VPC

Before jumping directly into VPC, you must strengthen these key concepts. Once you understand them, you can move confidently into hands-on practice:

  • Subnets

  • Route Tables

  • Internet Gateway

  • NAT Gateway

  • Security Groups

  • CIDR Blocks

You can learn these topics easily using ChatGPT or by reading blogs on platforms like Medium.

Once you're done with these basics—don’t wait—go straight to the practical hands-on experience. Theory alone won’t help much in VPC.

How I Did Hands-on Practice With VPC

Task 1: Basic VPC Setup

  • Create a VPC

  • Create a Public Subnet

  • Launch a Public EC2 Instance with auto-assign public IP enabled

  • Try to SSH into the EC2 instance

Problem: Unable to connect to the public EC2 instance.
Solution: We need an internet connection to reach the EC2 instance, so the VPC needs an Internet Gateway.
This taught me a lot and helped me understand how to establish the correct connections.

Task 2: Public + Private Subnets

  • Create a VPC

  • Create Public and Private Subnets

  • Launch a Public EC2 Instance in the public subnet

  • Launch a Private EC2 Instance in the private subnet with auto-assign public IP disabled

  • SSH into the private EC2 instance from the public instance

Carry over what you learned in Task 1, including the reason behind each step: for example, why we need an Internet Gateway and what role the route table plays.

Congratulations! You've just learned what a Bastion Host and Jump Server are.
What is a bastion host or jump server? It is a public server that is used only to access the private server.
For me, the bastion host or jump server was very tough to understand at first.

Problem: We can SSH into the instance in the private subnet, but we cannot download software such as MySQL or Node, because it has no internet connection. In Task 3 we learn how to give the private subnet internet access so that we can download things on it.

Task 3: NAT Gateway Setup and Internet Access for Private Subnet

  • Create a VPC

  • Create Public and Private Subnets

  • Launch EC2 instances in both

  • SSH into the private EC2 from the public one

  • Try installing any software or update inside the private subnet

Problem: There was no internet in the private subnet.
To fix that, I learned to set up a NAT Gateway.

New Concept Learned in This Task:

  • NAT Gateway

Why These 3 Tasks Are So Important

Doing these three tasks taught me the foundation of secure networking in AWS. Once you’ve done this, it becomes much easier to create secure infrastructures, even for production environments.

In real-world applications:

  • We always prefer our application to be in a private subnet

  • Especially the database should be in a private subnet to protect it from brute-force attacks

  • Security and isolation of resources become top priority
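
For the bastion pattern from Task 2 and the brute-force concern above, the security groups matter as much as the subnets. This added example (not the author's code) audits ingress rules shaped like `aws ec2 describe-security-groups` output; the group IDs, the admin CIDR and the function names are assumptions.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` ingress rules.
# Group IDs are made up; 203.0.113.0/24 is a documentation range standing in
# for the administrator's network (an assumption of this example).
GROUPS = {
    "sg-bastion": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                    "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}],
    "sg-private": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                    "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
                    "UserIdGroupPairs": [{"GroupId": "sg-bastion"}]}],
}


def ssh_sources(rules):
    """Collect every CIDR and security-group source allowed to reach TCP 22."""
    cidrs, groups = [], []
    for rule in rules:
        all_traffic = rule["IpProtocol"] == "-1"   # "-1" = all protocols and ports
        tcp_22 = (rule["IpProtocol"] == "tcp"
                  and rule.get("FromPort", 0) <= 22 <= rule.get("ToPort", 65535))
        if all_traffic or tcp_22:
            cidrs += [r["CidrIp"] for r in rule.get("IpRanges", [])]
            groups += [p["GroupId"] for p in rule.get("UserIdGroupPairs", [])]
    return cidrs, groups


def audit_bastion_pattern(sgs, bastion_sg, private_sg, admin_cidr):
    """Return findings where SSH is reachable from more places than the pattern needs."""
    findings = []
    admin = ipaddress.ip_network(admin_cidr)
    cidrs, _ = ssh_sources(sgs[bastion_sg])
    for cidr in cidrs:
        if not ipaddress.ip_network(cidr).subnet_of(admin):
            findings.append(f"{bastion_sg}: SSH allowed from {cidr}, outside {admin_cidr}")
    cidrs, groups = ssh_sources(sgs[private_sg])
    for cidr in cidrs:
        findings.append(f"{private_sg}: SSH allowed from CIDR {cidr}; reference {bastion_sg} instead")
    for group in groups:
        if group != bastion_sg:
            findings.append(f"{private_sg}: SSH allowed from unexpected group {group}")
    return findings


if __name__ == "__main__":
    for finding in audit_bastion_pattern(GROUPS, "sg-bastion", "sg-private", "203.0.113.0/24"):
        print(finding)
```

An empty result means the bastion accepts SSH only from the admin range and the private instance accepts SSH only from the bastion's security group.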

Challenges and Breakthroughs

As a beginner, these were my hardest parts:

  • Configuring Security Groups correctly

  • Understanding how to connect route tables

  • Setting up Internet Gateway and NAT Gateway connections properly

These configurations often confused me, but with trial and error—and a little help from the documentation—I figured them out.

What I Know Now

VPC is extremely useful and forms the backbone of secure infrastructure for your applications on AWS.
It’s not just another service—it’s your network in the cloud.

Tips for Beginners

  • Just start doing things. Don't wait to become perfect in theory.

  • Break things, troubleshoot, fix them—that’s how real learning happens.

Conclusion

If you encounter any errors while following the above tasks, feel free to check out my GitHub repository, where I’ve documented all three tasks clearly:

👉 https://github.com/ankit3987/learning-vpc.git
