About This Architecture
Multi-AZ VPC architecture spanning us-east-1a and us-east-1b, with an Internet Gateway, Transit Gateway, and VPN Gateway for hybrid connectivity.

Traffic flows from the Internet/WAN through the WAF and Internet Gateway to the Transit Gateway, then to Application Load Balancers in public subnets, which distribute requests to EC2 t3.medium instances across private app subnets in both AZs. Application servers connect to RDS Primary in AZ-1 and RDS Standby in AZ-2 for read replicas. NAT Gateways enable outbound internet access, and the VPN Gateway connects Corporate HQ.

This architecture demonstrates AWS best practices for high availability, fault isolation, and secure hybrid network design.

Fork and customize this diagram on Diagrams.so to adapt CIDR blocks and instance types, or to add services such as Auto Scaling Groups or VPC endpoints. Consider adding Network ACLs or additional security groups for granular traffic control between layers.
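One way to check the layer-to-layer isolation suggested above, as an added example that is not part of the original page or the Diagrams.so template. The security-group IDs, ports and the 10.0.0.0/16 VPC CIDR are constructed assumptions, and the path is simplified to internet, ALB, app and RDS tiers.

```python
"""Audit ingress rules for tier bypass (all IDs, ports and CIDRs are constructed)."""
from ipaddress import ip_network

# Assumed VPC CIDR; the page does not give one.
VPC = ip_network("10.0.0.0/16")
# Hypothetical security-group IDs mapped to the layer each one protects.
SG_TIER = {"sg-alb": "alb", "sg-app": "app", "sg-db": "db"}
# Only these hops follow the described path: internet -> ALB -> EC2 app -> RDS.
ALLOWED_FLOWS = {("internet", "alb"), ("alb", "app"), ("app", "db")}


def source_tier(source):
    """Classify a rule source as a known tier, a CIDR inside the VPC, or the internet."""
    if source in SG_TIER:
        return SG_TIER[source]
    net = ip_network(source)  # raises ValueError on a malformed CIDR
    if net.version == VPC.version and net.subnet_of(VPC):
        return "vpc-cidr"  # CIDR sources inside the VPC are not tied to one tier
    return "internet"


def audit(rules):
    """Return every (group, source, port) ingress rule that skips a layer."""
    findings = []
    for group, source, port in rules:
        if (source_tier(source), SG_TIER[group]) not in ALLOWED_FLOWS:
            findings.append((group, source, port))
    return findings


# Constructed sample ingress rules: (protected group, source, port).
SAMPLE_RULES = [
    ("sg-alb", "0.0.0.0/0", 443),     # internet reaches the load balancer
    ("sg-app", "sg-alb", 8080),       # ALB reaches the app tier
    ("sg-db", "sg-app", 5432),        # app tier reaches RDS
    ("sg-app", "0.0.0.0/0", 22),      # finding: bypasses the ALB
    ("sg-db", "10.0.0.0/16", 5432),   # finding: whole VPC can reach RDS
    ("sg-db", "sg-alb", 5432),        # finding: public tier reaches the database
]

if __name__ == "__main__":
    for group, source, port in audit(SAMPLE_RULES):
        print(f"tier bypass: {source} -> {group} port {port}")
```

Rules that name a security group as their source pass only when that group is the adjacent upstream tier; CIDR sources inside the VPC are flagged because they admit every subnet, not one layer.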