If anyone’s running Amazon Linux 2 on their EC2, then you can successfully follow above guide with the following edits:
After downloading Let’s Encrypt, and trying to run

$ /opt/letsencrypt/letsencrypt-auto --debug

you might get this output:
Sorry, I don't know how to bootstrap Certbot on your operating system!

It’ll work if you:
Step 1. Edit the file /opt/letsencrypt/certbot-auto to recognize your version of Linux:

• $ sudo vim /opt/letsencrypt/certbot-auto
• find this line in the file (likely near line nr 780):
  elif [ -f /etc/redhat-release ]; then
  and replace whole line with this:

elif [ -f /etc/redhat-release ] || grep 'cpe:.*:amazon_linux:2' /etc/os-release > /dev/null 2>&1; then

• Save and exit vim (type :wq to do that)

Step 2. Run below to obtain your certificates:

$ sudo /opt/letsencrypt/certbot-auto certonly --webroot -w /var/www/html -d ________.com -d www.________.com

Where:
/var/www/html is your webroot (default for Apache used here; modify if yours is different or you’re using a different server such as nginx)
________.com is your domain that lives in above webroot (you can also request a certificate for multiple domains if your EC2 runs subdomains or multiple domains)

Now continue Gifford’s guide from Certificate Renewal part onwards 👍 🎉

Source and credit: certbot GitHub issue #5455

Great guide, thanks for putting this together Gifford Nowland!
Let’s Encrypt and Certbot FTW!