amazon web services – How to set up HTTP API-gateway with custom domain that is only accessible from its VPC and not publicly – Stack Overflow

I need to set up an HTTP API-gateway to invoke a Lambda function. It will only be called from an app running in the same VPC. For security reasons, this API should not be available to the public internet. Also, it should have a custom domain name set up in Route 53 in the company hosted zone.

What is the best way to accomplish this?
I am overwhelmed by the config options. There is VPC link, VPC endpoints, private integrations, private endpoint (no support for custom domain), policies for API endpoint... Not sure about best practices.
