Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, which some entities consider to be weak ciphers.Referenceshttps://stackoverflow.com/questions/62071604https://aws.amazon.com/about-aws/whats-new/2020/07/cloudfront-tls-security-policy/
