I've been using my YubiKey 5Ci in Safari on macOS and iOS since macOS 10.15[1] and iOS 13.3[2] (which came out several months ago), and Safari supports FIDO2 + WebAuthn just fine.
My mistake was to assume that AWS saying "Your browser does not support U2F security keys." meant that Safari didn't support U2F keys. Given AWS's well-earned reputation for half-assing things I really shouldn't have trusted their assessment, but I did. My bad.
[1] https://developer.apple.com/documentation/safari-release-not...
[2] https://developer.apple.com/documentation/ios-ipados-release...