I'm writing a RESTful API service, that will only work through HTTPS protocol. What kind of response code should be returned if the request comes via HTTP?
"301 Moved Permanently" where the server redirect the client from a http to https. This is the most commonly used pattern and what I would recommend you to implement on a server level. Implementation of this depend on the webserver your have and I would guess that there is plenty of good guide online to your specific server. This will also tell the client to switch from HTTP to HTTPS Permanently.
If the question was more related to method rather than HTTP/HTTPS then "405 METHOD NOT ALLOWED" would be the correct choice. This is what you should respond to a client if the client is not not allowed to call the method itself. This would be misleading as a first step since the HTTP/HTTPS protocol is the problem and not the method (Get, Post, Put etc.) utilized by the client.