Amazon API Gateway now supports Custom Domain Name for private REST APIs

Posted on: Nov 21, 2024

Amazon API Gateway (APIGW) now lets you manage your private REST APIs using a custom, user-friendly private DNS name such as private.example.com, simplifying API discovery. Private API traffic continues to be encrypted with Transport Layer Security (TLS), and you keep full control over the lifecycle of the TLS certificate associated with your domain.

API providers can get started with this feature in four simple steps using the APIGW console and/or API(s). First, create a private custom domain. Second, configure an Amazon Certificate Manager (ACM) provided or imported certificate for the domain. Third, map multiple private APIs using base path mappings. Fourth, control invocations of the domain using resource policies. API providers can optionally share the domain across accounts using Amazon Resource Access Manager (RAM) so that consumers can access APIs from different accounts. Once a domain is shared using RAM, a consumer can use VPC endpoint(s) to invoke multiple private custom domains across accounts.
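For the fourth step, a reviewer will usually want to confirm that the resource policy pins invocations to known VPC endpoints before the domain is shared. The following is an added example, not code from AWS or from this announcement: a heuristic lint (not a full IAM policy evaluation) in which the function names are hypothetical and the sample policies and endpoint IDs are constructed placeholders.

```python
# Added example: heuristic lint, not a full IAM policy evaluation.
# Constructed sample data: the vpce ids below are placeholders.
ANY = ("*", {"AWS": "*"})

OPEN_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "execute-api:Invoke",
     "Resource": "execute-api:/*"}]}

SCOPED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "execute-api:Invoke",
     "Resource": "execute-api:/*"},
    {"Effect": "Deny", "Principal": "*", "Action": "execute-api:Invoke",
     "Resource": "execute-api:/*",
     "Condition": {"StringNotEquals": {"aws:SourceVpce": "vpce-0aaa1111bbbb2222c"}}}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _covers_invoke(stmt):
    wanted = ("*", "execute-api:*", "execute-api:Invoke")
    return any(a in wanted for a in _as_list(stmt.get("Action", [])))

def _vpce_values(stmt, operator):
    # Condition keys are case-insensitive, so compare in lower case.
    for key, val in stmt.get("Condition", {}).get(operator, {}).items():
        if key.lower() == "aws:sourcevpce":
            return set(_as_list(val))
    return set()

def lint_policy(policy, allowed_vpces):
    """Return findings for anonymous invoke grants not pinned to allowed_vpces."""
    allowed = set(allowed_vpces)
    stmts = _as_list(policy.get("Statement", []))
    # A Deny with StringNotEquals on aws:SourceVpce blocks every other endpoint.
    guard = set()
    for s in stmts:
        if s.get("Effect") == "Deny" and s.get("Principal") in ANY and _covers_invoke(s):
            guard |= _vpce_values(s, "StringNotEquals")
    findings = []
    for i, s in enumerate(stmts):
        if s.get("Effect") != "Allow" or s.get("Principal") not in ANY or not _covers_invoke(s):
            continue
        pinned = _vpce_values(s, "StringEquals") or guard
        if not pinned:
            findings.append(f"statement {i}: invoke allowed from any VPC endpoint")
        elif not pinned <= allowed:
            findings.append(f"statement {i}: unexpected endpoints {sorted(pinned - allowed)}")
    return findings
```

The lint ignores `Resource` scoping and other condition keys such as `aws:SourceVpc`, so an empty result means only that every anonymous invoke grant is tied to an expected endpoint.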

Custom domain names for private REST APIs are now available on API Gateway in all AWS Regions, including the AWS GovCloud (US) Regions. Please visit the API Gateway documentation and AWS blog post to learn more.