Can I move an AWS Lambda site to a private domain?
It’s actually explained in zappa’s readme.
Deploying to a Domain With AWS Certificate Manager
Amazon provides their own free alternative to Let's Encrypt called AWS Certificate Manager (ACM). To use this service with Zappa:
Verify your domain in the AWS Certificate Manager console. In the console, select the N. Virginia (us-east-1) region and request a certificate for your domain or subdomain (sub.yourdomain.tld), or request a wildcard domain (*.yourdomain.tld). Copy the entire ARN of that certificate and place it in the Zappa setting certificate_arn. Set your desired domain in the domain setting. Call $ zappa certify to create and associate the API Gateway distribution using that certificate.
There are also instructions to use your existing certificate etc.
Don’t let it fool you, the title of the section makes it sound like it’s only about certificates, but there are detailed instructions regarding using you own domain.
Edit:I’m including my own zappa settings for reference.
{ "common": { "app_function": "app.__hug_wsgi__", "aws_region": "eu-central-1", "s3_bucket": "excuse-generator", "profile_name": "mislavcimpersak", "remote_env": "s3://excuse-generator/secrets.json", "certificate_arn": "arn:aws:acm:us-east-1:500819636056:certificate/3edb9c1c-12c5-4601-89a9-dc42df840fa6" }, "prod": { "extends": "common", "domain": "function.xkcd-excuse.com" }, "dev": { "extends": "common", "debug": true, "keep_warm": false, "domain": "function-dev.xkcd-excuse.com" } }Step by step guide for domain bought on namecheap.com and served through cloudflare.com
- buy domain on namecheap.com/use existing
- register new site on cloudflare.com/use existing
- cloudflare will give you (most probably) two nameservers
- enter under https://ap.www.namecheap.com/domains/domaincontrolpanel/xkcd-excuse.com/domain DNS - choose "Custom DNS" nameservers given on cloudflare
- go to AWS ACM and request a new certificate (certificate must be created in us-east-1 region)
- enter if necessary multiple subdomains (
foo.example.com&foo-dev.example.com) - make note of ACM ARN given from AWS management console
- in
zappa_settings.jsonenter undercertificate_arnyour ARN - in
zappa_settings.jsonunderroute53_enabledputfalse- this is a must - in
zappa_settings.jsonunderdomainenter domain for each stage ie.foo.example.comandfoo-dev.example.com - run
zappa certify <stage_name> - it should say: "Created a new domain name with supplied certificate. Please note that it can take up to 40 minutes for this domain to be created and propagated through AWS, but it requires no further work on your part.Certificate updated!"
- go to CloudFlare DNS interface and enter
- CNAME: foo - i3jtsjkdeu4wxo.cloudfront.net
- CNAME: foo-dev - d2jtsjkdeu4wxo.cloudfront.net
- wait for 40 minutes and check your domain(s), they should serve your Lambda function
You might not need API Gateway. It will depend on site functionality. You can host a static website using S3 with a custom domain. You can include client-side javascript(angular/react etc..) API Gateway is really for handling http requests and passing it on to defined resources(Lambda or others).
If your site will require backend capability then you have few options.
1) Build lambda functions and then use API Gateway(REST API) to interact with these functions.
yourhostname.com -> S3 -> API Gateway(aws hostname) -> lambda
2) Use AWS JS SDK to interact with your lambda functions directly.
yourhostname.com -> S3 -> AWS SDK -> lambda
3) Use API Gateway and then forwarding to Lambda or self hosted web server(flask node) using EC2 instance
yourhostname.com -> API Gateway(aws hostname) -> lambda
yourhostname.com -> self hosted web server
Here is a picture that might make it a bit clearer. 
Correct me if I am wrong flask is used for backend development to build microservices. To host it you would use either build lambda functions or host it on your own instance. https://andrich.blog/2017/02/12/first-steps-with-aws-lambda-zappa-flask-and-python/
Let me know if this helps.