It depends on your security requirements as well. Some people feel the need for end to end encryption as opposed to SSL termination at the load-balancer tier. If you are one of those people, letsencrypt is the way to go
If it's all going in AWS, I don't see a huge difference between terminating in the ELB vs. terminating on the VMs. It might help you if the ELB got misconfigured, but AWS managing/provisioning the keys keeps them safe from being misplaced, too, so on balance it's probably better.
If you had on-premise servers, or a different/more secure host vs. intermediary/load-balancer, I could see the value of end to end. (especially if you have a long-lived cert, a pinned cert, EV, whatever).
(and of course crypto between the intermediary and the servers, if it's not on a physically secured LAN segment)
If you had on-premise servers, or a different/more secure host vs. intermediary/load-balancer, I could see the value of end to end. (especially if you have a long-lived cert, a pinned cert, EV, whatever).
(and of course crypto between the intermediary and the servers, if it's not on a physically secured LAN segment)