Hi,
I understand this, but it would be exceptionally hard to use S3 + Cloudflare with certbot (you might need to spend a long time between putting the files and complete challenge).
May I know why you want to use HTTP validation?
Based on your description and setup, you can easily use DNS validation for both Let's Encrypt and ACM.
Many programs allow you to use Cloudflare API to issue the Let's Encrypt certificate. DNS validation for ACM is also easy since the DNS records is the same for every renewal (in ACM), which means you don't need to update DNS records every renewal.
This means your challenge does not exist....
Thank you