https://fortinetcloudcse.github.io/Autoscale-Simplified-Template/6_upgrade_fortios/6_3_blue_green_upgrade/index.htmlOverview Blue-green upgrade deploys a parallel (Green) inspection stack alongside the existing (Blue) stack, validates Green under real conditions, then flips all TGW routes atomically at cutover. Blue remains suspended as a live fallback until the operator explicitly approves cleanup. This strategy eliminates cross-version config sync issues and gives full rollback capability at every phase up through cleanup. Architecture Blue Environment (Existing) Spoke VPCs (East, West, ...) │ ▼ Transit Gateway │ TGW route tables → Blue inspection VPC attachment ▼ Blue Inspection VPC (10.0.0.0/16) ├── GWLB + Target Group ├── FortiGate ASG (BYOL + On-Demand) ├── DynamoDB (instance tracking) └── Lambda (lifecycle management) Green Environment (New — deployed in parallel) Transit Gateway │ TGW attachment created but routes NOT switched yet ▼ Green Inspection VPC (10.0.0.0/16) ← SAME CIDR as Blue ├── GWLB + Target Group (new) ├── FortiGate ASG (new FortiOS AMI, corrected config) ├── DynamoDB (clean state) └── Lambda (current version) After Cutover Spoke VPCs │ ▼ Transit Gateway │ TGW route tables → Green inspection VPC attachment ▼ Green Inspection VPC (traffic flows here) Blue Inspection VPC (suspended — no new instances, kept as rollback target) Why the Same CIDR Green uses the same CIDR blocks as the Blue inspection VPC. This is a deliberate design choice, not a limitation.Hugoen-US