In my setup I have my frontend talk to API gateway with SSL. I have a custom domain name with an certificate (all setup through AWS) which points to my API gateway API. Once my request hits the API gateway it is proxied to my EC2 instances (well elastic beanstalk so I guess the load balancer). I am wondering if I’m messing up anywhere on security. Between API gateway and elastic beanstalk is it fair to assume the data doesn’t leave amazon’s private network and is safe, or is that a terrible assumption and I should do something (please advise what) to ensure the connection between the API gateway and my load balancer is secure.