Navigation
OperationsUpdated July 3, 2026

ECSA CloudTest West/Lead - Knowledge Transfer

operationsknowledge-transferecsaclinical-systemscloudtestwest-regionleadazureepic

ECSA Epic on Azure Knowledge Transfer (CloudTest CTWEST/CTTSTRPT/CTLEAD)

The following Optum and Accenture team members were identified as key stakeholders for ECSA related knowledge transfer:

NameOrganization
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture

The following items were identified as requiring Knowledge Transfer to transition the in-scope environments to the Optum ECSA team for ongoing support:

Server names and corresponding Epic groups

  1. West/Lead Non-Prod VMs: CloudTestWestLeadRptVMs.xlsx
  2. Kuiper URL: https://epiccloudtestkuiper.uhc.com/Kuiper
  3. System Pulse URL: https://epiccloudtestsystempulse.uhc.com/SystemPulse
  4. Storefront: Citrix Workspace

Confirm Server Access & corresponding tools required for access

  • Ensure access to Hashicorp Vault (https://vault.uhg.com)
  • Namespaces: Aide-0085665 (West), Aide-0085666 (East)
  • Used for static secrets:
    • Local admin passwords
    • MSNONPROD service accounts – kv/service_accounts/msnonprod-epic-svc-accounts
    • Epic infrastructure is ONLY in msnonprod.dsnonprod.uhc.com domain
    • EMP, Fixed Key, ESMP, Kuiper, and System Pulse keys/configuration accounts remain the same
    • Ensure access to Cyberark (same as on-prem) (https://cyberark.optum.com/PasswordVault/v10/logon)
    • View and copy service account passwords
    • Domain-based secrets
    • Epic service accounts (filter on CloudTest location): Epic on Azure Service Accounts.xlsx
    • Now accessible from Cloud SAW
    • Ensure access to Cloud SAW
    • VMWare Horizon
    • Cloud SAW is the Preferred way to RDP into CloudTest Azure VMs
    • Ensure your elevated credentials are in the AD group
    • GPO is applied to Epic on Azure Windows VMs to allow admin access to this AD group
    • Check (adlookup.optum.com) to ensure access has been granted

Azure Access

  • Ensure log in and access to Virtual Machine details located in the portal https://portal.azure.com
  • Currently not aware of the process to get “Contributor” access in Azure – Placeholder follow-up – Optum Cloud Operations – Followed up with Indhu and Jeff – 4/22 jm
  • Use for Azure Bastion – Console level access to VMs if they are unreachable via RDP

CloudTest Access

  • Request both primary and secondary accounts for MSNONPROD domain from Charles Fuller
  • Log into Cloud SAW
  • RDP to remote machine FQDN
  • Use MSNONPROD user account
  • Ensure you can reach Kuiper and System Pulse VIPs and authenticate
  • Contact Jonathan Saucier to if you have issues accessing to these applications
  • In future, this step will be owned by Optum’s operations

List of deliverables

  • Quick Reference Guide: Optum_Epic on Azure Infrastructure - Quick Reference Guide.xlsx
  • Low-level Design Document: Low-Level_Design_v1.0.docx
  • Deployment Plans: Deployment Plan
  • Epic IP Address Allocation: EPIC IP Address Allocation-100%CDO.xlsx
  • Network Architecture Diagram: Optum - Network Diagrams Draft v2.6-updated2.vsdx

Architecture & Business Continuity (DR considerations/config for specific environments)

  • This will be applicable for Production. It is not applicable for non-prod.

Server configuration details

  • Please see the Bill of Materials that were used to request the infrastructure that has been deployed here: Deployed

Application Config details

  • This will be applicable for Production. It is not applicable for non-prod.

Monitoring

  • System Pulse can be configured to match on-prem Alert Definitions.
  • Alerting not configured due to testing-only nature of implementation.
  • To configure System Pulse alerts (https://epiccloudtestsystempulse.uhc.com/SystemPulse):
    • Enable alerts from servers
    • Complete SMTP configuration
    • SMTP server: mailo2.uhc.com -Netscaler VIP Status

SOP for admin tasks (e.g. add new disk, expand disk, upgrade SKU, add new machine, start/stop server, etc.)

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Patching Schedule/Process

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Accenture Team will provide Hypercare through Friday, April 18, 2025; Optum’s ECSA team will take over ongoing support for this environment starting Monday, April 21, 2025.

Acknowledgement section

NameOrganizationAcknowledged
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture