If you do not have a preference for which WAN is used when, you could simply not have any SDWAN rules and then use either Source IP or source-destination IP for the Load balancing algorithm. As long as you have "set update-static-route enable" on the performance SLA, it will remove the route and just go out the interface that is still there.
Existing sessions should stay where they already are and related traffic load balanced accordingly.
This is a little bit different of a setup but could work. Would require a lot of tests to make sure but you could try the following:
1. Setup a link monitor or sdwan SLA monitor for both wan ports with update-static-route enable.
2. Create both default routes with a distance of 10
3. Create an automation stitch that watches the logs for a link monitor or sdwan monitor failure. Have it trigger a script that changes the distance to 5 on the wan port that is still healthy and sets the distance to 10 on the unhealthy wan port (in case it was previously unhealthy). This way when the other wan link comes back up it will not be used because its route will have a distance of 10 and the other one has a distance of 5.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.