a) What makes them a "Level A / High Risk Category" supplier for you? What risks do they pose to you products/services if they do not perform correctly?
b) What do your policies/procedures say has to be done to approve a "Level A / High Risk Category" supplier?
Does having a 9001 cert on file realistically suffice help you monitor/control for those risks?
If not, then you would likely want to consider other supplier monitoring/controls. Whether you can get AWS to jump through many hoops is problematic, unless you are a very large customer of theirs.
Alternatively, you might be able to argue that AWS is a recognized world leader in cloud hosting, etc. and therefore is de facto the best choice for the services you need, and as such, the choice to use AWS is in itself a supplier control. That is, being a top 5 world-class leader in an industry might be added to your policies as a way to approve a supplier. Then, ongoing monitoring (e.g., of uptime, bandwidth, # of issues, etc.) could suffice for maintaining that approved status. It seems more practical than a 9001 cert on file.
In general with cloud services, the issue isn't typically the provider's infrastructure, but rather the customer's use of it: improperly secured S3 buckets leaking data publicly, VMs spun up without proper firewall provisioning, not maintaining backups under separate AWS accounts from the VM accounts, etc.