I've set-up an API gateway on AWS and currently plan to host a React application on AWS Amplify.
Reading through the documentation I'm left wondering what would be the best practices around restrict traffic through the gateway to only be allowed from an Amplify application.
Do I have to create a dedicated VPC for this, or do I get a dedicated IP for my Amplify Application I can whitelist? Obviously I have authorizers on the resources but I would prefer to completely restrict access to call the gateway to a certain application.
