Amazon VPC lets you work securely from home or on the road. You get your own virtual private networking (VPN) connection from Amazon, and you can use it to access your VPCs from any Internet-connected device. In addition to giving you your own secure connection to Amazon's networks, it gives you an added level of security and improves performance by eliminating network hops and other points of potential failure.
A VPC can logically divide an AWS account into two parts: the “public” area and the “private” area. The public area comprises all unassociated EC2-Classic instances, EC2-Classic volumes, Elastic Beanstalk environments, Redshift data sources, EMR clusters, Lambda functions and other resources that are not connected with a VPC. The private area comprises all associated EC2-VPC instances or regions within a VPC. You can only access the public resource from the public subnet