A VPC, or virtual private cloud, does not offer security. It is only a container, inside which subnets are created. AWS resources are launched inside of a subnet. EC2 instances make use of Security Groups for their security. Subnets provide an additional layer of security in the form of Network Access Control Lists. The combination of Security Groups, and Network ACLs are what provide security to EC2 instances. VPCs themselves are not networks, and AWS resources cannot be placed inside of them (other than subnets, Internet Gateways, and VPC endpoints, none of which the customer is required or expected to “secure”)
I have just migrated my blog from my previous host j u s t h o s t to Amazon Web Services. Even on just a humble T2.micro, the speed is noticeably quicker. I have MySQL running on the same host, with no load balancers, and just an Elastic IP Address and Route 53 A Record pointing to it. I still need to figure out a way to automate a daily Ec2 Snapshot, with deletes after 14 days.