AWS API Gateway should prevent use of TLS v1

Question

Refering to AWS Cloudfront Documentation, AWS API Gateway supports TLS v1.0, v1.1, v1.2.

But I want to limit the encryption protocols to TLS v1.1 and v1.2 for my Gat

Answer 1

You may create API gateway distribution in your CloudFront distribution list. If your API gateway origin has HTTPS, you can specify what type of TLS protocols to be use between cloudfront and API gateway. Between viewer/client and cloudfront, you can specify the TLS protocols and suites in General section > Security Policy of CloudFront configuration. This configuration only visible if you use custom SSL with SNI. You may choose between:

1. TLSv1
2. TLSv1_2016
3. TLSv1.1_2016
4. TLSv1.2_2018