Following are two popular design choice
The topology shows the Palo Alto VM-Series as example but exact design works with Check Point, FortiNet and other firewalls as well.
Centralized VPC Sandwich LB Design
Dedicated Ingress VPC Design
Topology Credit: Rodrigo Loureiro