In the process of upgrading FortiGate licenses on the cloud, there seems to be a misconception about the necessity of a complete FortiGate redeployment. To clarify, such a drastic measure is not required. The license upgrade can be executed seamlessly, with due attention to specific considerations.

Commence the process by registering the new license. Post-registration, a downloadable copy becomes accessible. Note that for scenarios like subscription licenses, an incubation period of 4 to 24 hours may be required for the license to become fully operational.

For this discussion, let's assume standard VM licenses are held, and the goal is to upgrade to subscription licenses. In an HA configuration, it is crucial to emphasize that this process must be undertaken on both the primary and secondary units of the cluster. Before any operation on the cluster, it is crucial to verify that all units are in sync and the failover handling is performing correctly.

Now, let's focus on the specifics based on different cloud providers:

Case 1: Azure.
The process on Azure is straightforward. On the secondary unit, access https://<secondary_ip>/system/vm/license, select 'Upload,' select the new license and confirm. The unit will then undergo a reboot. Repeat the process on the other unit, exercising patience. It is advisable to complete this operation on the secondary unit first, wait for it to resume normal functioning, and then proceed with the primary unit.

Case 2: AWS.
The process on AWS mirrors that of Azure. Ensure that the VM status is running, with the status check reading 2/2 checks passed.

Case 3: GCP.
Similar to Azure, the GCP upgrade follows a parallel trajectory.

In all instances, the transition from the initial to the final state is anticipated to be seamless.

After the license upgrade, there may be a mismatch between the CPUs showing in the system and those appearing in the license. To solve the issue, follow this guide.