VPCs divide our cloud into public and private subnets.

Subnets restricted our allow inboud traffic. Before the packets can cross the Internet Gateway or the Virtual Private Gateway, the Network Access Control List may check wether the IP address is allowed or not.

Security groups set in and outbound rules for an EC2 or group of EC2 instances.

Route 53 is a DNS service that also offers registrar domain names.