Networking

A VPC belongs to a region. A VPC can have several subnets with each subnet belonging to a zone in that region. One subnet cannot span multiple zones.

An internet gateway is a component that provides internet connectivity to a subnet.

A subnet can be associated with only one route table.

Network Interface

https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html

"An elastic network interface is a logical networking component in a VPC that represents a virtual network card. It can include the following attributes:"

A VPC peering connection is used to connect two VPCs.

Security Groups

Default inbound rules shut off any inbound traffic.

Security groups are stateful. Outbound traffic is always allowed.
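
What "stateful" means in practice, as an added example (not AWS code and not part of the original notes): a simplified Python model of the behaviour described above, where a reply to a connection opened from inside is accepted even though no inbound rule exists. The class and function names (Rule, SecurityGroup, demo) and all addresses are hypothetical, constructed for the illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp" or "udp"
    port: int       # local port the rule opens
    cidr: str       # source range allowed to connect

@dataclass
class SecurityGroup:
    """Simplified model of the notes above, not AWS's implementation."""
    inbound: list = field(default_factory=list)   # empty by default: nothing gets in
    tracked: set = field(default_factory=set)     # flows opened from the inside

    def send(self, protocol, local_port, remote_ip, remote_port):
        # Outbound traffic is allowed; remember the flow so its replies get back in.
        self.tracked.add((protocol, local_port, remote_ip, remote_port))
        return True

    def receive(self, protocol, remote_ip, remote_port, local_port):
        # Reply to a tracked flow: accepted without consulting inbound rules.
        if (protocol, local_port, remote_ip, remote_port) in self.tracked:
            return True
        # New inbound connection: needs a matching inbound rule.
        return any(
            r.protocol == protocol and r.port == local_port
            and ip_address(remote_ip) in ip_network(r.cidr)
            for r in self.inbound
        )

def demo():
    # Constructed sample traffic using documentation address ranges.
    sg = SecurityGroup()
    out = {}
    out["unsolicited_ssh"] = sg.receive("tcp", "203.0.113.10", 50000, 22)
    sg.send("tcp", 40000, "198.51.100.5", 443)
    out["reply_to_outbound"] = sg.receive("tcp", "198.51.100.5", 443, 40000)
    out["same_host_other_port"] = sg.receive("tcp", "198.51.100.5", 443, 40001)
    sg.inbound.append(Rule("tcp", 443, "10.0.0.0/16"))
    out["allowed_by_rule"] = sg.receive("tcp", "10.0.1.7", 51000, 443)
    out["outside_cidr"] = sg.receive("tcp", "203.0.113.10", 51000, 443)
    return out

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'allow' if allowed else 'deny'}")
```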