This module allows to expose private/internal endpoints of services without need to have VPC public subnet. Its designed just for REST at this moment. It supports OAuth 2.0 for machine to machine communication.
https://registry.terraform.io/modules/telia-oss/internet-facing-environment