
VPC with private/public subnets, NAT Gateway, EC2 in private subnet with internet access.

Terraform

Terraform is a tool for managing infrastructure as code. You describe the resources you want in declarative configuration files, and Terraform works out what to create, change or destroy to get there. Since it's code, it lives in version control, can be reviewed like any other change, and can be driven from scripts.

VPC

In AWS, a VPC is how you manage the network. It is a container for subnets, and every piece of your infrastructure lives in a subnet. Routing is decided per subnet through its route table, so if you don't want a group of machines to talk to the outside world, you express that at subnet granularity by what routes its route table does (or does not) contain.

My implementation

I created Terraform modules which you can easily re-use to make a VPC and EC2 instances. They are here: https://codeberg.org/boink/cloud-scripts/src/branch/master/week-4. You can edit the files directly, but there are variables in variables.tf in each subfolder to customize things easily.

Routing Table

Route tables are associated at the subnet level. A route table determines which IP ranges a subnet can reach, and through what. In this exercise, I have two subnets: public and private. The Internet Gateway is attached to the VPC itself; what makes the public subnet "public" is that its route table sends 0.0.0.0/0 to that gateway, so instances there (if they have a public IP) can reach the internet directly and be reached from it.

For the private subnet, however, we use a NAT Gateway. The NAT Gateway itself must be able to talk to the world, so it resides in the public subnet and gets an Elastic IP. The private subnet's route table then sends 0.0.0.0/0 to the NAT Gateway. This way the private subnet can reach the internet through the NAT Gateway, but only for connections it initiates: instances there have no public IP, and nothing on the internet can open a connection to them.