So, generally speaking, it is required to have a static IP at each site for the IPSEC or OpenVPN connection. We do this all the time, not a problem.
Is there a way that pfSense can connect to an AWS or Azure instant pfSense box without a Static IP? So, Hosted has a Static IP, but the remote connect does not.
I’ve seen it before for end-points, such as computers. As we have setup services like Perimeter 81 in the past, where the firewall is in the cloud on their services, but any endpoint is just logged in as the user and it connects to the firewall from anywhere.
For IPsec it would be a whole lot easier but not necessarily required. You can setup a DDNS but as you might know you’ll have to wait for the DNS to propagate with the new IP address before it will reconnect.
For OpenVPN on pfsense, I would say at least the server side needs to be static and it doesn’t matter on the client side for it to be static. Again you can probably setup DDNS for the server side but will run into the same problem above.
There might be an option for an overlay network like netbird, zerotier, tailscale and so on. Depends on what you are trying to accomplish.