A Virtual Private Cloud (VPC) is a logically isolated network space that can be customized for resources in Tencent Cloud such as CVM and TencentDB to enhance their security and meet the needs in different use cases.
This document describes the core components, connection methods, and security of VPCs.
A VPC has three core components: VPC IP range, subnet, and route table.
When you create a VPC, you need to specify a Classless Inter-Domain Routing (CIDR) block as the VPC's IP address range.
Tencent Cloud VPC supports CIDR blocks in any of the following private IP ranges:
The primary VPC CIDR block cannot be modified after creation. When the primary CIDR block can no longer meet your business's address allocation needs, you can create a secondary CIDR block to expand the IP range. For more information on the secondary CIDR block, see Editing IPv4 CIDR Blocks.
A VPC consists of at least one subnet. All Tencent Cloud resources in a VPC (such as CVM and TencentDB instances) must be deployed in a subnet, and the subnet CIDR block must be within the VPC CIDR block.
A VPC is set up at the region level (such as Guangzhou), while a subnet is set up at the availability zone level (such as Guangzhou Zone 1). You can divide a VPC into one or more subnets. Subnets in the same VPC can interconnect with one another by default, while subnets in different VPCs are isolated by default.
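The following is an added example, not part of the Tencent Cloud documentation: a pre-deployment check that every planned subnet CIDR falls within its VPC's primary or secondary CIDR block, plus a lookup of which subnets can reach a given subnet by default because they share its VPC. The plan format, VPC and subnet names, and CIDR values are constructed for illustration, and the rule that subnets within one VPC must not overlap is an assumption not stated on this page.

```python
import ipaddress
from itertools import combinations

# Constructed sample plan; names and CIDRs are illustrative only.
PLAN = {
    "vpc-prod": {
        "cidrs": ["10.0.0.0/16", "172.16.0.0/24"],  # primary, then secondary
        "subnets": {"web": "10.0.1.0/24", "db": "10.0.2.0/24",
                    "batch": "172.16.0.0/25"},
    },
    "vpc-dev": {
        "cidrs": ["10.1.0.0/16"],
        "subnets": {"web": "10.1.1.0/24", "tools": "10.1.1.128/25",
                    "stray": "192.168.5.0/24"},
    },
}

def validate(plan):
    """Return (vpc, subnet, problem) findings for a planned layout."""
    findings = []
    for vpc, spec in plan.items():
        blocks = [ipaddress.ip_network(c) for c in spec["cidrs"]]
        nets = {n: ipaddress.ip_network(c) for n, c in spec["subnets"].items()}
        # A subnet CIDR must sit inside the primary or a secondary VPC CIDR.
        for name, net in nets.items():
            if not any(net.subnet_of(b) for b in blocks):
                findings.append((vpc, name, "outside VPC CIDR"))
        # Assumption: two subnets of the same VPC may not share addresses.
        for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
            if net_a.overlaps(net_b):
                findings.append((vpc, f"{a}/{b}", "overlapping subnets"))
    return findings

def default_peers(plan, vpc, subnet):
    """Subnets that can reach `subnet` by default: every other subnet in the
    same VPC. Subnets of other VPCs are isolated by default and never listed."""
    if subnet not in plan[vpc]["subnets"]:
        raise KeyError(f"{vpc}/{subnet} is not in the plan")
    return sorted(s for s in plan[vpc]["subnets"] if s != subnet)

if __name__ == "__main__":
    for finding in validate(PLAN):
        print(finding)
    print("default peers of vpc-prod/db:", default_peers(PLAN, "vpc-prod", "db"))
```

The peer list makes the isolation boundary explicit: placing a database in its own subnet does not by itself separate it from other subnets in the same VPC.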
When you create a VPC, the system automatically generates a default route table to ensure that all subnets in the same VPC are interconnected. If the routing policies in the default route table cannot meet your business needs, you can create a custom route table.
For more information on route tables, see Overview.
Tencent Cloud provides a wide range of VPC connection solutions for different use cases:
A VPC is a logically isolated network space in the cloud. Different VPCs are isolated from each other to protect business security.
For more information on VPC security, see Security Management.