If you are going to deploy pfsense on AWS. https://www.netgate.com/docs/aws-vpn-appliance/vpc-guide.html document is pretty good.
But there is a one important point that you should take care.
Be sure that Source/Dest. Check: false on both ethernet interfaces(eth0 and eth1) of pfsense instance.
If you select the pfsense instance and disable source/destination check from the menu like above. It will disable only one interface(eth0)
Unfortunately, private ethernet interface eth1 Source/Dest. Check status will stay Enabled.
You have to go to the network interfaces section on the left and find your eth1 interface then disable it choosing Action-> Networking->Change source/Dest. Check
also do not forget to create NAT rules on pfsense.