Perform Blue-Green Deployment

In this guide, you will:

Trigger a Blue-Green deployment for TEF, TED, or TE using AWS Service Catalog.
Learn how to keep your cloud infrastructure updated with minimal downtime and risk.

The Deployment Trigger parameter serves as a manual refresh mechanism for Turbot Guardrails CloudFormation stacks. By toggling this parameter between Blue and Green values, you can force CloudFormation to re-evaluate and refresh all stack parameters without performing a full version upgrade. This technique is essential when external parameter changes—such as updated SSM parameter overrides or modified IAM role ARNs—are not automatically detected by CloudFormation's change detection system and require manual intervention to ensure the stack reflects the current configuration state.

[!NOTE] The procedure for triggering a blue-green deployment is consistent across TEF, TED, and TE. This guide uses the TEF stack as an example for illustration.

Prerequisites

Access to the Guardrails AWS account with Administrator Privileges.
Familiarity with AWS Console, Service Catalog, and CloudFormation services.

Step 1: Access AWS Console

Open the AWS Console and navigate to the Service Catalog service in the region where TEF is deployed.

AWS Console Home Page

Step 2: Navigate Provisioned Products

Choose Provisioned Products from the left navigation menu.

Provisioned Product

Step 3: View Provisioned Products

Change the Access Filter in AWS Service Catalog from User to Account to view all provisioned products across the account.

Access Filter

Step 4: Update Provisioned Product

Select the TEF provisioned product from the list.

Select TEF

From the Actions menu, select Update.

Select Update

Step 5: Update Deployment Trigger Parameter

Under Advanced – Deployment, locate the Parameter Deployment Trigger and switch its value between Blue and Green, depending on the current state.

Select Deployment Parameter

Step 6: Apply Update

Select Update at the bottom of the screen to apply the changes.

Select Update

Step 7: Monitor Update

You have successfully updated the deployment trigger, which begins the update of nested CloudFormation stacks.

[ ] The TEF provisioned product Status changes to Under Change.

TEF Provisioned Product Status

[ ] Select the TEF Provisioned Product, click the Outputs tab, and use the CloudFormationStackARN link to navigate to CloudFormation and monitor the update progress.

Navigate To CFN

[ ] The TEF stack shows UPDATE_IN_PROGRESS status and track changes under the Events tab.

CFN Update in Progress Status

Step 8: Review

[ ] Ensure the CloudFormation stack status shows UPDATE_COMPLETE.

CFN Update Complete

[ ] Ensure the TEF Provisioned Product status shows Available.

TEF Provisioned Product Available Status

Next Steps

Please see the following resources to learn more about Turbot Guardrails Enterprise:

Turbot Guardrails Enterprise - Architecture

Troubleshooting

Issue	Description	Guide
Permission Issues	The current logged-in user lacks permission to modify, update, or create resources in the stack, or IAM roles/SCPs are preventing built-in roles from accessing required configuration settings.	Troubleshoot Permission Issues
Further Assistance	If issues persist, open a support ticket with relevant information.	Open Support Ticket