AWS API Gateway Lambda Authorizers + Client certificates

UPDATE: API Gateway now support mTLS! https://aws.amazon.com/blogs/compute/introducing-mutual-tls-authentication-for-amazon-api-gateway/

Old Answer:

The client certificate verification happens during the TLS handshake. The lambda authorizer works on an HTTP request example input. So you couldn't do real mutual authentication. You could do some custom solution, where you jam some sorta signed information in a header (think sigv4), but that's not really what we're talking about when we talk about mutual TLS.