Generating and requiring client certs

I have two separate gateways (let’s just call them front and back). The back should only accept connections from the front. Seems the “right” way to do this is create a client cert and make the back require that cert. There appears to be a CloudFormation interface for this (AWS::ApiGateway::ClientCertificate), but I can’t find any documentation for how to do this via Serverless. Am I just not seeing it? Or do I need to learn how to write Servless plugins and do this myself? :slight_smile: Or maybe client certs is the totally wrong way to handle this?

I appreciate any help!

Well, I understand now that client certs aren’t going to do what I want, but I’d still be interested to know if there’s already a way to manage client certs using Serverless or if I’d need to create a new plugin. Thanks again!