Ensure virtual private cloud (VPC) is configured for AWS EC2 instances

MEDIUM

Description

By default, AWS EC2 instances are launched into the account's default VPC, which is not recommended for production workloads: it comes with a public subnet in every Availability Zone, an Internet gateway, and a permissive default security group. A purpose-built VPC provides the controls (subnets, route tables, security groups and network ACLs that you define) needed to support a formal process for approving and testing all network connections and all changes to firewall and router configurations.

Remediation

It is considered best practice to launch instances into a VPC other than the default VPC. If you already have a VPC that you wish to use, skip to the interface configuration. An EC2 instance's primary network interface cannot be moved to another VPC once the instance has been launched; instead, create an image (AMI) of the instance and launch a new instance from it, choosing a subnet in the target VPC for the primary interface. Secondary network interfaces can be attached and detached, but only within the same VPC and Availability Zone as the instance, so attaching a new interface does not move an existing instance out of the default VPC.

In AWS Console -
For the VPC:

  1. Sign in to the AWS Console and open the VPC console.
  2. Under Virtual private cloud, select Your VPCs.
  3. Select Create VPC and enter the network information that you wish to use for the new VPC.
  4. Select Create VPC at the bottom to save.

For the EC2 Interface:

  1. Sign in to the AWS Console and open the EC2 console.
  2. In the navigation pane, under Network & Security, select Network Interfaces, then select Create network interface.
  3. Choose a subnet from the VPC you wish to use.

For the EC2 Instance:

  1. Sign in to the AWS Console and open the EC2 console.
  2. In the navigation pane, select Instances.
  3. Choose the instance, then select Actions and then Networking.
  4. To attach/detach a network interface, select either Attach or Detach a network interface.

In Terraform -

  1. In the aws_instance resource, set subnet_id to the ID of an aws_subnet that belongs to the non-default aws_vpc; the subnet determines which VPC the instance's primary interface is placed in. Set vpc_security_group_ids to the IDs of aws_security_group resources created in that same VPC. Note that vpc_security_group_ids accepts security group IDs only, not a VPC ID, and that changing subnet_id on an existing aws_instance forces Terraform to replace the instance, matching the relaunch requirement described above.
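The Terraform remediation above, shown as an added example that is not part of the original policy page: a non-compliant aws_instance that silently lands in the default VPC beside a compliant one placed in a dedicated VPC. All resource names, CIDR blocks, the AMI ID, the instance type, the Availability Zone and the use of an aws_vpc data source with a lifecycle precondition are assumptions chosen for illustration, not settings taken from the page.

```hcl
# Added example (not from the policy page): resource names, CIDRs, AMI ID,
# instance type and Availability Zone are placeholders chosen for illustration.

# Non-compliant: no subnet_id, so the instance is launched into the account's
# default VPC. Putting a VPC ID into vpc_security_group_ids would not fix this;
# that argument only accepts security group IDs from the instance's own VPC.
resource "aws_instance" "legacy" {
  ami           = "ami-0123456789abcdef0" # placeholder
  instance_type = "t3.micro"
}

# Compliant: a dedicated VPC, a subnet inside it, a security group inside it,
# and an instance that references the subnet (which fixes the VPC).
resource "aws_vpc" "app" {
  cidr_block           = "10.20.0.0/16"
  enable_dns_support   = true
  enable_dns_hostnames = true
  tags                 = { Name = "app-vpc" }
}

resource "aws_subnet" "app_private" {
  vpc_id            = aws_vpc.app.id
  cidr_block        = "10.20.1.0/24"
  availability_zone = "us-east-1a" # placeholder
  tags              = { Name = "app-private-a" }
}

resource "aws_security_group" "app" {
  name        = "app-sg"
  description = "Allow HTTPS from inside the VPC only"
  vpc_id      = aws_vpc.app.id # must be the same VPC as the subnet

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.app.cidr_block]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Looks up the account's default VPC so the instance can refuse to plan if its
# subnet turns out to live there. Assumes a default VPC still exists; if the
# account has deleted it, remove this data source and the precondition below.
data "aws_vpc" "default" {
  default = true
}

resource "aws_instance" "app" {
  ami                    = "ami-0123456789abcdef0" # placeholder
  instance_type          = "t3.micro"
  subnet_id              = aws_subnet.app_private.id   # primary ENI goes into the new VPC
  vpc_security_group_ids = [aws_security_group.app.id] # security groups from that same VPC

  lifecycle {
    precondition {
      condition     = aws_subnet.app_private.vpc_id != data.aws_vpc.default.id
      error_message = "aws_instance.app must not be placed in the default VPC."
    }
  }
}
```

The "legacy" resource is included only for contrast and would be removed in a real module. Because subnet_id forces replacement, applying this change to an existing instance recreates it rather than moving it, which is the same constraint the console procedure works around by imaging and relaunching; plan for the resulting downtime and for any data on instance store volumes.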

References:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/best-practices-for-configuring-network-interfaces.html
https://aws.amazon.com/premiumsupport/knowledge-center/move-ec2-instance/
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance#vpc_security_group_ids

Policy Details

Rule Reference ID: AC_AWS_0153
CSP: AWS
Remediation Available: Yes
Resource: aws_instance
Resource Category: Compute

Frameworks