# help
a
Does anyone have a guide on how to implement mTLS authentication on a v2 API with a custom domain name? (I already have the S3 bucket and the truststore file; I am just looking for help with the Route 53 part and the custom domain.)
f
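I’m not familiar with mTLS, but I’ll try my best lol. Does this work:
```ts
import * as apig from "@aws-cdk/aws-apigatewayv2-alpha";
import * as acm from "aws-cdk-lib/aws-certificatemanager";
import * as sst from "@serverless-stack/resources";

// Custom domain for the HTTP (v2) API with mutual TLS enabled.
// myBucket is the existing S3 bucket (an s3.IBucket) that holds the truststore.
const domainName = new apig.DomainName(this, 'domain-name', {
  domainName: 'example.com',
  // Server certificate presented by the custom domain
  certificate: acm.Certificate.fromCertificateArn(this, 'cert', 'arn:aws:acm:us-east-1:1111111:certificate/11-3336f1-44483d-adc7-9cd375c5169d'),
  // Truststore of CA certificates used to validate client certificates
  mtls: {
    bucket: myBucket,
    key: 'truststore.pem',
    version: 'version',
  },
});

// Attach the mTLS-enabled domain to the API
new sst.Api(this, "Api", {
  customDomain: {
    domainName
  },
  ...
});
```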
a
Yup, I got to build it in a similar fashion, thank you 🙂. There are also some mappings to be added and some Route 53 stuff, but all in all this is it.