A Virtual Private Cloud (VPC) is the network boundary around your cloud resources -- a logically isolated section of the provider's network with private IP ranges, subnets, route tables, NAT gateways, and security groups under your control.
For an enterprise on AWS, the per-region VPC topology typically follows: one VPC per region per environment (prod / staging / dev), 2-3 public subnets (load balancers, NAT), 2-3 private subnets (compute, ECS/EKS tasks), 2-3 isolated subnets (RDS, ElastiCache), and transit gateway links between regions where workloads cross.
The two failure modes are (a) flat VPC with everything in one subnet -- collapses the day a service needs to be isolated, and (b) over-fragmented VPC -- 14 subnets per region, each with its own routing rules, no one knows what runs where. The middle path with documented subnet purposes per environment is the operational sweet spot.