The required cipher suites depends entirely on the clients that are expected to use the service. As SSL Server Test from Qualys SSL Labs is designed for testing publicly accessible web servers, we can assume this is a web application. All current versions of major browsers are able to handle TLS 1.2+ with the recommended cipher suites from RFC 7525, 4.2, making it a good starting point for a highly secure configuration:
Then, from the SSL Labs report, the Handshake Simulation section is handy tool for detecting the common clients you can't serve with these cipher suites alone:
If you e.g. wish to server older Apple devices with Safari, the best cipher suite available for them is:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (eq. 3072 bits RSA) FS WEAK
From the list that leaves... who is using a Windows 8.1 Phone anyway. ;)
Likewise, if you need additional browsers or devices supported, you could use the browser test for figuring out a suitable cipher suite. Also notice that the variants using (Cipher Block Chaining) CBC mode aren't weak in themselves, but SSL Labs considers them weak because of the many vulnerable implementations.