Of course it's feasible, you just intercept the traffic post-decryption on the cloud/server side. You don't control how/where your traffic to 3p cloud services is decrypted.
You keep saying this, but it's nonsensical. If I terminate TLS on the box that does processing, there's nothing to intercept.
And these days (especially post-Snowden), many (most?) companies encrypt data when sending between servers within their own (private network) infrastructure.
And these days (especially post-Snowden), many (most?) companies encrypt data when sending between servers within their own (private network) infrastructure.