I created a private endpoint in AWS API Gateway to make it private. Only resources in the private VPC can access this endpoint. This is my design and it works very well.