By default, Vapor routes HTTP traffic to your serverless applications using AWS API Gateway. As an alternative to API Gateway, some customers have chosen to route their application traffic using Load Balancers, which can provide large cost savings at scale. AWS load balancers use "security policies" to determine which versions of the TLS protocol are supported. The default AWS load balancer security policy (ELBSecurityPolicy-2016-08) supports TLS 1.0, TLS 1.1, and TLS 1.2.
Therefore, beginning today, all new load balancers will use a security policy that no longer supports TLS 1.0 and TLS 1.1 (ELBSecurityPolicy-TLS-1-2-Ext-2018-06).