Amazon Virtual Private Cloud (Amazon VPC) lets you create and run a logically isolated section of the Cloud . Running within a VPC combines the benefits of the cloud with the flexibility of a network topology designed to fit the unique needs of your in-house IT department. For example:
You define a virtual network by specifying an IP address range using a CIDR block, partition the range in to one or more subnets, and setting up Access Control Lists (ACLs) to allow network traffic to flow between the subnets. After you define your virtual network, you can launch Amazon Elastic Compute Cloud (Amazon EC2) instances, Amazon Relational Database Service (RDS) DB instances, Amazon ElastiCache nodes, and other AWS resources, each on a designated subnet.
Up until now, EC2 instances that were not running within a VPC (commonly known as EC2-Classic ) had to use public IP addresses or tunneling to communicate with AWS resources in a VPC. They could not take advantage of the higher throughput and lower latency connectivity available for inter-instance communication. This model also resulted in additional bandwidth charges and has some undesirable security implications.