Because the middle man does stuff for you like emergent OS patching, secure log handling, request routing, TLS termination and cert distribution, zonal redundancy and failover, access control, etc.
I grew up with having to do all of that myself. It's really not that hard, a minor part of running a website/service/app. Why would I give up more control? Just a machine (bare metal or virtual) and the domain are enough... Guess I'm old now heh
As a business, you give up control for critical infrastructure to be managed by dedicated engineers who are experts in those areas, who can let you reuse their already-audited and compliance-certified infrastructure so that you don't have to do that yourself.
I agree it's not hard. It's also not hard to accidentally store your logs unencrypted, ruining your FIPS or HIPAA compliance and putting your company in legal risk.