Perform Blue-Green Deployment

In this guide, you will:

  • Trigger a Blue-Green deployment for TEF, TED, or TE using AWS Service Catalog.
  • Learn how to keep your cloud infrastructure updated with minimal downtime and risk.

The Deployment Trigger parameter serves as a manual refresh mechanism for Turbot Guardrails CloudFormation stacks. By toggling this parameter between Blue and Green values, you can force CloudFormation to re-evaluate and refresh all stack parameters without performing a full version upgrade. This technique is essential when external parameter changes—such as updated SSM parameter overrides or modified IAM role ARNs—are not automatically detected by CloudFormation's change detection system and require manual intervention to ensure the stack reflects the current configuration state.

Note

The procedure for triggering a blue-green deployment is consistent across TEF, TED, and TE. This guide uses the TEF stack as an example for illustration.

Prerequisites

  • Access to the Guardrails AWS account with Administrator Privileges.
  • Familiarity with AWS Console, Service Catalog, and CloudFormation services.

Step 1: Access AWS Console

Open the AWS Console and navigate to the Service Catalog service in the region where TEF is deployed.

Step 2: Navigate Provisioned Products

Choose Provisioned Products from the left navigation menu.

Step 3: View Provisioned Products

Change the Access Filter in AWS Service Catalog from User to Account to view all provisioned products across the account.

Step 4: Update Provisioned Product

Select the TEF provisioned product from the list.

From the Actions menu, select Update.

Step 5: Update Deployment Trigger Parameter

Under Advanced – Deployment, locate the Parameter Deployment Trigger and switch its value between Blue and Green, depending on the current state.

Step 6: Apply Update

Select Update at the bottom of the screen to apply the changes.

Step 7: Monitor Update

You have successfully updated the deployment trigger, which begins the update of nested CloudFormation stacks.

  • The TEF provisioned product Status changes to Under Change.

  • Select the TEF Provisioned Product, click the Outputs tab, and use the CloudFormationStackARN link to navigate to CloudFormation and monitor the update progress.

  • The TEF stack shows UPDATE_IN_PROGRESS status and track changes under the Events tab.

Step 8: Review

  • Ensure the CloudFormation stack status shows UPDATE_COMPLETE.

  • Ensure the TEF Provisioned Product status shows Available.

Next Steps

Please see the following resources to learn more about Turbot Guardrails Enterprise:

Troubleshooting

IssueDescriptionGuide
Permission IssuesThe current logged-in user lacks permission to modify, update, or create resources in the stack, or IAM roles/SCPs are preventing built-in roles from accessing required configuration settings.Troubleshoot Permission Issues
Further AssistanceIf issues persist, open a support ticket with relevant information.Open Support Ticket