[{"data":1,"prerenderedAt":74},["ShallowReactive",2],{"pattern-apigw-private-cdn-private-ca-sam":3},{"id":4,"title":5,"architectureURL":6,"cleanup":7,"contributors":10,"deploy":13,"description":16,"extension":17,"framework":18,"gitHub":19,"highlight":6,"introBox":25,"language":44,"level":45,"meta":46,"patternArch":47,"resources":61,"s3URL":6,"services":6,"stem":69,"testing":70,"videoId":6,"__hash__":73},"patterns\u002Fpatterns\u002Fapigw-private-cdn-private-ca-sam.json","Private Custom Domain for Amazon API Gateway Private REST API",null,{"text":8},[9],"Delete the stack: \u003Ccode>sam delete --stack-name apigw-private-cdn-private-ca-sam\u003C\u002Fcode>.",[11,12],"content\u002Fcontributors\u002Fvijay-shekhar-rao.json","content\u002Fcontributors\u002Ftushar-thapar.json",{"text":14},[15],"See the GitHub repo for detailed deployment instructions.","Create Amazon API Gateway private REST API with private custom domain name configured with private SSL certificate.","json","AWS SAM",{"template":20},{"repoURL":21,"templateURL":22,"projectFolder":23,"templateFile":24},"https:\u002F\u002Fgithub.com\u002Faws-samples\u002Fserverless-patterns\u002Ftree\u002Fmain\u002Fapigw-private-cdn-private-ca-sam","serverless-patterns\u002Fapigw-private-cdn-private-ca-sam","apigw-private-cdn-private-ca-sam","template.yaml",{"headline":26,"text":27},"How it works",[28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43],"1. Private Certificate Authority and API Gateway Setup:","1.1 Create an PCA","1.2 Issue a root certificate through the PCA","1.3 Create a certificate in ACM using PCA's root certificate","1.4 Create a private REST API in API gateway","1.5 Create API Gateway's private custom domain configured with ACM certificate created in step 3","1.6 Configure a Lambda function as the API Gateway backend processor","1.7 Deploy the private REST API through API Gateway","1.8 Associate the custom domain with the API Gateway stage","2. VPC Endpoints configurations for private communication:","2.1 'acm-pca' VPC Endpoint - Facilitates communication with PCA","2.2 'execute-api' VPC Endpoint - Provides private access to the REST API","3. DNS Configuration:","3.1 Establish a private hosted zone for the domain name","3.2 Create a CNAME record within the hosted zone for custom domain name","3.3 Point API Gateway's private custom domain name to the 'execute-api' VPC Endpoint DNS name","Python","200",{},{"icon1":48,"icon2":53,"line1":57},{"x":49,"y":50,"service":51,"label":52},20,50,"vpc-endpoint","VPC endpoint",{"x":54,"y":50,"service":55,"label":56},80,"apigw","Amazon API Gateway REST API",{"from":58,"to":59,"label":60},"icon1","icon2","custom domain name",{"bullets":62},[63,66],{"text":64,"link":65},"Custom domain names for private APIs in API Gateway","https:\u002F\u002Fdocs.aws.amazon.com\u002Fapigateway\u002Flatest\u002Fdeveloperguide\u002Fapigateway-private-custom-domains.html",{"text":67,"link":68},"Tutorial: Create and invoke a custom domain name for private APIs","https:\u002F\u002Fdocs.aws.amazon.com\u002Fapigateway\u002Flatest\u002Fdeveloperguide\u002Fapigateway-private-custom-domains-tutorial.html","patterns\u002Fapigw-private-cdn-private-ca-sam",{"text":71},[72],"See the GitHub repo for detailed testing instructions.","zkNE-IqDiu1rXys1TCrgfQunOMqQlPpq-txGdNZLp-E",1778846882500]