If your AWS account doesn't have a default VPC, or if you want to create an additional VPC, you can create a new VPC.
If you don't know if you have a default VPC, see Determining Whether You Are Using the EC2-VPC or EC2-Classic Platform.
Amazon EC2 instances that function as web servers can be deployed in the public subnet, and the Amazon RDS DB instances are deployed in the private subnet.
In such a deployment, only the web servers have access to the DB instances.
A DB subnet group is a collection of subnets (typically private) that you create for a VPC and that you then designate for your DB instances.
A DB subnet group allows you to specify a particular VPC when you create DB instances using the CLI or API.
A DB subnet group allows you to specify a particular VPC when creating DB instances using the CLI or API; if you use the console, you can just select the VPC and subnets you want to use.
Unless you are working with a legacy DB instance, your DB instance is in a virtual private cloud (VPC).
A virtual private cloud is a virtual network that is logically isolated from other virtual networks in the AWS cloud.
Amazon RDS uses that DB subnet group and your preferred Availability Zone to select a subnet and an IP address within that subnet to associate with your DB instance.
If the primary DB instance of a Multi-AZ deployment fails, Amazon RDS can promote the corresponding standby and subsequently create a new standby using an IP address of the subnet in one of the other Availability Zones.