Enable Mutual TLS authentication

[nestor-bolivar]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Feature Request

Is your feature request related to a problem? Please describe.

API gateway provide us with a method to authenticate http requests using client-server certificates. We are missing this option. Refer to https://aws.amazon.com/blogs/compute/introducing-mutual-tls-authentication-for-amazon-api-gateway/

Describe the solution you'd like A clear and concise description of what you want to happen. Add any considered drawbacks, and what serverless.yml would look like:

custom:
  customDomain:
    tlsTruststore: 's3://my-bucket/my-trust.pem'

Describe alternatives you've considered Move to terraform

Any Other Info If you can, maybe sketch out implementation details? If you've started a PR for this feature, link it here.

[cjuega]

I'm working on a PR. Would this setup work for you?

custom:
  customDomain:
    tlsTruststoreUri: 's3://my-bucket/my-trust.pem'
    tlsTruststoreVersion: 'optional s3 object version'

[nestor-bolivar]

Hey @cjuega . That will certainly do the job. Feel free to share your feature branch, so we could see the progress 🤞

[cjuega]

@nestor-bolivar here it is 😄