VPC provides a complete isolated section in AWS cloud. It gives you freedom to choose build separate subnets (public & private) where you can put your ec2 instances, IP ranges, Security Groups Routing tables, and NAT Gateway. VPC also provides advanced security features & monitoring options.
What is a Subnet -Build your own network, subnets are boundaries for for your instances to which traffic can be protected using a security group.
What is a Security Group - Special rules which are stateful, acts as a firewall and applies to per instance. Stateful means an inbound rule applies outbound as well.
What is a Network ACL-Network Access Control applies to per subnet level and is stateless. Stateless means separate rules are required, to control inbound and outbound traffic.
NAT GatWays are highly available, high bandwidth instances. They are fully managed by AWS. An Elastic IP can be assigned to a NAT Gateway. NAT gateways support different protocols like TCP,and UDP. You can view the traffic going through VPC using flow logs.