I have two separate gateways (let’s just call them front and back). The back should only accept connections from the front. Seems the “right” way to do this is create a client cert and make the back require that cert. There appears to be a CloudFormation interface for this (AWS::ApiGateway::ClientCertificate), but I can’t find any documentation for how to do this via Serverless. Am I just not seeing it? Or do I need to learn how to write Servless plugins and do this myself? Or maybe client certs is the totally wrong way to handle this?
I appreciate any help!