Top of my head, you are reducing performance by adding another IPSec header to packets. SDWAN overlay is already encrypted as you already mentioned. Also, are you going to include the traffic to vEdge and vManage in the GETVPN cloud.? Otherwise, you might lose the ability to select the best path.
I believe this might be an overkill and don't see real value of encrypting the encrypted.