I need to develop an API gateway talking to public facing ELB. How do I secure the ELB from the internet. I need to allow traffic only from API gateway only.
Do we have any other option other than following :
Amazon API Gateway can generate a client-side SSL certificate and make the public key of that certificate available to you. Calls to your backend can be made with the generated certificate, and you can verify calls originating from Amazon API Gateway using the public key of the certificate.