Today we have to bounce back and forth between two config areas, CDN and Multi-Cloud App Connect to configure a CDN in front of a LB. This adds complexity for the security engineer. Many of the config setting details would be automated if the CDN were instead a feature on the LB that could be enabled in addition to the configuration being simplified. For example, there would only be one SSL cert config needed instead of two, only one domain to configure instead of two. Only one origin instead of two. Setting the "Trusted Client IP Headers" on the LB would not be necessary, that would be automatic. This will make CDN configs much less complex for the human engineer configuring them. We have many sites with static content we’d like to do CDN but given the current complexity we are hesitant to proceed.