Other possible side effects:
(1) DNS tables entries could potentially become far more numerous, increasing the burden on DNS servers to update and maintain status.
At least the DNS servers will have to check whether the subdomain exists in the DNS table or the root should be used.
(2) Increased security risk as described here:
"There is no known security vulnerability in Let’s Encrypt that can be exploited. What is usually meant by hacker threat in this context is connected with the type of certificate validation. Let’s Encrypt and many other paid SSLs are domain-validated only (DV). This means that in order to issue the certificate, the CA (certificate authority) only checks if the certificate requester owns the domain. If a hacker manages to acquire access (usually through phishing) to your domain account at your domain registrar, they can create subdomains of your domain and issue security certificates for the subdomains as if they were the owner. This is called domain shadowing and can result in misleading people that they are visiting your website while in fact, it is a subdomain not related to your site at all."
Although (2) shouldn't be an issue with AWS, it is a problem with increased used of subdomains in general, especially as other cloud providers are pressed into following AWS's example, especially if they want to pass through great firewalls.