How can a developer meet these requirements without changing the configuration of the SCM system?
Deploy the API Gateway REST API to all the required AWS accounts. Use the same custom domain name for all the gateway endpoints so that a single SCM webhook can be used for all events from all accounts.
Deploy the API Gateway REST API to all the receiver AWS accounts. Create as many SCM webhooks as the number of AWS accounts.
Grant permission to the central AWS account for EventBridge (CloudWatch Events)to access the receiver AWS accounts. Add an EventBridge (CloudWatch Events) event bus on the receiver AWS accounts as the targets to the existing EventBridge (CloudWatch Events) rule.
Convert the API Gateway type from REST API to HTTP API.
Explanations:
Deploying the API Gateway REST API to all accounts and using the same custom domain name does not solve the problem of routing events to multiple accounts. Each account would require its own integration logic, and EventBridge events would need to be manually routed to multiple accounts.
Deploying the API Gateway REST API to all receiver accounts and creating multiple SCM webhooks would require changes to the SCM system, which the requirements specify should be avoided.
Granting permission to the central account for EventBridge to access the receiver accounts and adding an EventBridge event bus as the target in the receiver accounts is the correct approach. This allows events to be routed from the central account to multiple receiver accounts.
Converting the API Gateway type from REST API to HTTP API does not address the need to send events to multiple receiver accounts. EventBridge is the key service to handle this requirement, not the API Gateway type.
It seems to me that the answer is:
Grant permission to the central AWS account for EventBridge (CloudWatch Events)to access the receiver AWS accounts. Add an EventBridge (CloudWatch Events) event bus on the receiver AWS accounts as the targets to the existing EventBridge (CloudWatch Events) rule.