As it's not clear from your post, do you know that you can use address-list items with an fqdn as an address, which is then kept up-to-date automatically?
The TCP session cannot survive a change of the remote address, so even if the fqdns are migrating between IPs fast, tracking the current addresses using such address list, marking the TCP connection just once when it is initiated, and using the connection-mark to assign the routing-mark as suggested by @Sob should be a maintenance-free solution in terms that you wouldn't need to watch for changes on the list published by Amazon.
The only question is how many individual fqdns we talk about here. If units, I'd say the above is better; if tens or more and the list of these fqdns is constantly changing, you'd have to use a periodically spawned script to learn the individual fqdns from the dns cache and add them to the address-list, so automated synchronisation of the list from AWS web may be equally complex.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.