Ensure that your AWS application is not deployed within the default Virtual Private Cloud (VPC) in order to follow security best practices. A default VPC is a logically isolated virtual network created automatically for your AWS account the first time you provision Amazon EC2 resources. A default VPC is suitable for getting started quickly. However, when you deploy complex applications and use multi-tier architectures, you may need to keep parts of your network private or customize the network model. It is therefore recommended to create a non-default VPC that suits your specific requirements.
A default Virtual Private Cloud is designed so that you can quickly deploy AWS resources without having to think about the underlying network. The default VPC comes with a default configuration that does not meet all security best practices, hence the default VPC should not be used for sophisticated AWS cloud applications; use a non-default VPC instead.
To determine if the default Virtual Private Cloud (VPC) is being used within your AWS account, perform the following actions:
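One way to automate this check for a single region, as an added example that is not part of the original page: the functions take the parsed JSON output of `aws ec2 describe-vpcs` and `aws ec2 describe-network-interfaces` and report what is deployed in any VPC marked `IsDefault`. The function names and all sample IDs are constructed for illustration.

```python
# Added example: flag resources deployed in a default VPC for one region.
# Inputs have the shape of `aws ec2 describe-vpcs` and
# `aws ec2 describe-network-interfaces` JSON output. Network interfaces are the
# usage signal because EC2, RDS, ELB and VPC-attached Lambda each create one.

# Constructed sample data (all IDs are made up).
SAMPLE_VPCS = {"Vpcs": [
    {"VpcId": "vpc-0aaa1111", "IsDefault": True, "CidrBlock": "172.31.0.0/16"},
    {"VpcId": "vpc-0bbb2222", "IsDefault": False, "CidrBlock": "10.20.0.0/16"},
]}
SAMPLE_ENIS = {"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-0001", "VpcId": "vpc-0aaa1111",
     "Description": "", "Attachment": {"InstanceId": "i-0123456789abcdef0"}},
    {"NetworkInterfaceId": "eni-0002", "VpcId": "vpc-0aaa1111",
     "Description": "RDSNetworkInterface"},
    {"NetworkInterfaceId": "eni-0003", "VpcId": "vpc-0bbb2222",
     "Description": "", "Attachment": {"InstanceId": "i-0fedcba9876543210"}},
]}


def default_vpc_ids(vpcs):
    """Return the IDs of VPCs that AWS marks as default (IsDefault is true)."""
    return {v["VpcId"] for v in vpcs.get("Vpcs", []) if v.get("IsDefault")}


def audit_default_vpc_usage(vpcs, enis):
    """Map each default VPC to the (interface, owner) pairs found inside it.

    An empty list means the default VPC exists but nothing is deployed in it.
    """
    findings = {vpc_id: [] for vpc_id in default_vpc_ids(vpcs)}
    for eni in enis.get("NetworkInterfaces", []):
        if eni.get("VpcId") in findings:
            # Prefer the attached instance ID; fall back to the ENI description.
            owner = (eni.get("Attachment", {}).get("InstanceId")
                     or eni.get("Description") or "unknown")
            findings[eni["VpcId"]].append((eni["NetworkInterfaceId"], owner))
    return findings


if __name__ == "__main__":
    report = audit_default_vpc_usage(SAMPLE_VPCS, SAMPLE_ENIS)
    for vpc_id, used_by in report.items():
        print(f"default VPC {vpc_id}: {'IN USE' if used_by else 'unused'}")
        for eni_id, owner in used_by:
            print(f"  {eni_id} -> {owner}")
```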
To create a non-default Virtual Private Cloud (VPC) and migrate your custom AWS applications to it, perform the following actions: