Posted On: Nov 21, 2024
Amazon API Gateway (APIGW) now gives you the ability to manage your private REST APIs using custom user-friendly private DNS name like private.example.com, simplifying API discovery. This feature enhances your security posture by continuing to encrypt your private API traffic with Transport Layer Security (TLS), while providing full control over managing the lifecycle of the TLS certificate associated with your domain
API providers can get started with this feature in four simple steps using APIGW console and/or API(s). First, create a private custom domain. Second, configure an Amazon Certificate Manager (ACM) provided or imported certificate for the domain. Third, map multiple private APIs using base path mappings. Fourth, control invokes to the domain using resource policies. API providers can optionally share the domain across accounts using Amazon Resource Access Manager (RAM) to provide consumers the ability to access APIs from different accounts. Once a domain is shared using RAM, a consumer can use VPC endpoint(s) to invoke multiple private custom domains across accounts.
Custom domain names for private REST APIs is now available on API Gateway in Amazon Web Services China (Beijing) Region, operated by Sinnet, and Amazon Web Services China (Ningxia) Region, operated by NWCD. Please visit the API Gateway documentation to learn more.