Nginx failed restart

Yes, if you don't have an Elastic IP for your EC2 instance you would also need to update the DNS records to point to your new IP. The Let's Encrypt server (and anyone else) uses DNS to find your IP.

These errors can happen for various reasons. One, nginx should be running before you use the certbot command with --nginx - was it? And, two, sometimes if you have perl active - do you? I recently described a problem with curl perl and the certbot nginx plug-in in this thread. Let us know about these.

@_az Some time back you were going to look into handling the case better when the nginx restart fails and you start nginx without systemctl. Did you have any luck with that? I don't know that's what is happening here, but I can't help being reminded of that.

Edited to improve wording in "These errors" paragraph.
