Using secure ciphers will help protect communication in-transit, however what is considered secure will change over time. Amazon maintains cipher sets in security policy groups for CloudFront, with older policies having less secure ciphers. For a complete chart of policies and the ciphers they use, see the CloudFront documentation.
References:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html
This setting cannot be changed in the Console UI and can only be updated via the API or Terraform.
In Terraform -
References:
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution