My AWS EC2 server only responds to specific IPs and that is configured in AWS for any http/https/tcp/udp requests and connections. I can understand that LE certs cannot be issued for any local/intranet domains as LE needs to access from the outside world. I’ve read in several places that whitelisting LE verification servers will not work and those are not specified for spoofing and security reasons.
I also cannot use the DNS verification as the domain belongs to a large corporation managed by a dedicated team.
Can anyone suggest what is the best way to issue a LE certificate in my scenario?
There’s really no way around DNS challenges in the scenario you’re describing. One way to do this in an environment where updating DNS is a slow and/or manual process would be to create a CNAME record for the verification subdomain and point that to a separate domain with the ability to create and update TXT records programmatically. acme-dns provides some tooling for this (as well as a more in-depth description of this approach.)
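The CNAME delegation described in the reply above, as an added example that is not part of the original thread or of acme-dns: it models the two zones offline and shows where the DNS-01 TXT value ends up once the corporate zone holds a single static CNAME. The domain names, token and thumbprint are constructed placeholders, and the helper function names are hypothetical.

```python
import base64
import hashlib

# Constructed sample zone data (not real records): the corporate zone holds one
# static CNAME; the delegated zone is the one updated programmatically.
RECORDS = {
    ("_acme-challenge.app.corp.example.", "CNAME"): ["app.acme-auth.example.net."],
    ("app.acme-auth.example.net.", "TXT"): [],
}

def challenge_name(identifier):
    """DNS-01 validation name; a wildcard is validated at its base domain."""
    base = identifier[2:] if identifier.startswith("*.") else identifier
    return "_acme-challenge." + base.rstrip(".").lower() + "."

def resolve_txt_owner(name, records, max_hops=8):
    """Follow CNAMEs to the name where the TXT record must actually live."""
    seen = set()
    while (name, "CNAME") in records:
        if name in seen or len(seen) >= max_hops:
            raise ValueError("CNAME loop or chain too long at " + name)
        seen.add(name)
        name = records[(name, "CNAME")][0].lower()
    return name

def dns01_txt_value(token, account_thumbprint):
    """RFC 8555 section 8.4: base64url(SHA-256(token '.' thumbprint)), unpadded."""
    key_authorization = (token + "." + account_thumbprint).encode("ascii")
    digest = hashlib.sha256(key_authorization).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def publish(identifier, token, thumbprint, records):
    """Write the TXT value into the delegated zone; return (owner, value)."""
    owner = resolve_txt_owner(challenge_name(identifier), records)
    value = dns01_txt_value(token, thumbprint)
    records.setdefault((owner, "TXT"), []).append(value)
    return owner, value

def validate(identifier, token, thumbprint, records):
    """What the CA-side check amounts to: query TXT, following the CNAME."""
    owner = resolve_txt_owner(challenge_name(identifier), records)
    return dns01_txt_value(token, thumbprint) in records.get((owner, "TXT"), [])

if __name__ == "__main__":
    # Token and thumbprint are constructed placeholders, not real ACME values.
    print(publish("app.corp.example", "constructed-token", "constructed-thumbprint", RECORDS))
    print(validate("app.corp.example", "constructed-token", "constructed-thumbprint", RECORDS))
```

The API credential for the delegated zone can only write validation TXT records under that zone, so the corporate DNS team makes one change and never has to hand out write access to the main domain.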