Explain VPC vs Subnet vs Security Group.

In AWS, a VPC (Virtual Private Cloud) is your isolated network, a subnet is a partition of that network within an Availability Zone, and a security group is a virtual firewall that controls inbound and outbound traffic.

When to Use

  • VPC: Create isolated environments (e.g., dev, staging, production).
  • Subnets: Separate application tiers (public web, private app, database).
  • Security Groups: Define traffic rules (e.g., allow HTTPS; SSH is blocked by not adding a rule for it, since security groups only contain allow rules).

Example

For a web app:

  • VPC: 10.0.0.0/16
  • Public Subnet: ALB (load balancer)
  • Private Subnets: EC2 + RDS
  • Security Group: Allow ALB → EC2 (443), EC2 → RDS (3306)

Why Is It Important

Clear separation improves security, scalability, and cost control. These are core questions in system design and cloud interviews.

Interview Tips

  • Define VPC → Subnet → SG in order.
  • Mention stateful SGs vs stateless NACLs.
  • Walk through an end-to-end request path.

Trade-offs

  • More subnets and SGs = granular control but harder management.
  • Simpler setups = easier but risk exposure or IP exhaustion.

Pitfalls

  • Allowing 0.0.0.0/0 for SSH/RDP.
  • Leaving egress wide open.
  • Forgetting route tables/NAT for private subnets.
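
The first two pitfalls can be checked mechanically. The audit below is an added example, not part of the original page: `audit` and its helpers are hypothetical names, and the group IDs and rules are constructed sample data laid out like the web-app example above, in the shape of boto3's `describe_security_groups` response.

```python
# Added example: flags admin ports open to the internet and unrestricted egress.
# Rule dictionaries follow the "SecurityGroups" entries of describe_security_groups.
ADMIN_PORTS = {22: "SSH", 3389: "RDP"}
ANYWHERE = {"0.0.0.0/0", "::/0"}

def _open_to_world(perm):
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return any(c in ANYWHERE for c in cidrs)

def _covers(perm, port):
    if perm["IpProtocol"] == "-1":  # all protocols: no FromPort/ToPort keys
        return True
    return perm["IpProtocol"] == "tcp" and perm["FromPort"] <= port <= perm["ToPort"]

def audit(groups):
    findings = []
    for g in groups:
        for perm in g.get("IpPermissions", []):
            if _open_to_world(perm):
                for port, name in ADMIN_PORTS.items():
                    if _covers(perm, port):
                        findings.append((g["GroupId"], f"{name} open to the internet"))
        for perm in g.get("IpPermissionsEgress", []):
            if perm["IpProtocol"] == "-1" and _open_to_world(perm):
                findings.append((g["GroupId"], "egress open to anywhere"))
    return findings

# Constructed sample: ALB and app tier chained by group reference, plus one bad group.
SAMPLE = [
    {"GroupId": "sg-alb",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                        "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                              "UserIdGroupPairs": [{"GroupId": "sg-app"}]}]},
    {"GroupId": "sg-app",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                        "UserIdGroupPairs": [{"GroupId": "sg-alb"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
                              "UserIdGroupPairs": [{"GroupId": "sg-db"}]}]},
    {"GroupId": "sg-legacy",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                        "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1",
                              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The ALB's public 443 rule and the group-to-group rules pass; only the constructed `sg-legacy` group is reported.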
TAGS
System Design Interview
System Design Fundamentals
CONTRIBUTOR
Design Gurus Team
Copyright © 2026 Design Gurus, LLC. All rights reserved.