Navigation
OperationsUpdated July 3, 2026

ECSA West Lead Dev - Knowledge Transfer

operationsknowledge-transferecsaclinical-systemsleaddevelopmentwest-regionazureepicnon-prod

ECSA Epic on Azure Knowledge Transfer (West/Lead Dev – WPOC, WPOCCL, WSBOX, WSBOXCL)

The following Optum and Accenture team members were identified as key stakeholders for ECSA related knowledge transfer:

NameOrganization
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture

The following items were identified as requiring Knowledge Transfer to transition the in-scope environments to the Optum ECSA team for ongoing support:

Server names and corresponding Epic groups

  1. West/Lead Non-Prod VMs: Current Machines in Kuiper.csv

  2. Kuiper URL: https://kuiper.uhc.com

  3. System Pulse URL: https://systempulse.uhc.com

Confirm Server Access & corresponding tools required for access

  • Ensure access to Hashicorp Vault (https://vault.uhg.com)
  • Namespaces: Aide-0085665 (West), Aide-0085666 (East)
  • Used for Static secrets:
    • Local admin passwords
    • Follow-up with Infrastructure team to get naming decoder ring for local admin passwords (Followed up with Indhu and Jeff 4/22)
    • Msnonprod service accounts
    • Cloudtest infrastructure – ONLY Epic infrastructure in msnonprod domain
    • msnonprod.dsnonprod.uhc.com
    • EMPs or ESMP passwords
    • Etc.
  • Ensure access to Cyberark (same as on-prem) (https://cyberark.optum.com/PasswordVault/v10/logon)
  • View and copy service account passwords
  • Domain based secrets
  • Epic service accounts: Epic on Azure Service Accounts.xlsx
  • Now accessible from Cloud SAW
  • Ensure access to Cloud SAW
  • VMWare Horizon
  • Cloud SAW is the preferred way to RDP into Azure VMs
  • Request Cloud SAW access via Secure:
    • Application: Secure Workbench
    • Choose Create New ID to populate with Secondary ID
    • If one does not exist, it will create a secondary ID for use.
    • Role: Cloud SAW
  • Ensure your elevated credentials are in the AD group
  • GPO is applied to Epic on Azure Windows VMs to allow admin access to this AD group
  • Check adlookup.optum.com to ensure access has been granted

Azure Access

  • Ensure login and access to Virtual Machine details located in the portal (https://portal.azure.com)
  • Currently not aware of the process to get “Contributor” access in Azure – Placeholder follow-up (Optum Cloud Operations – Followed up with Indhu and Jeff – 4/22 jm)
  • Use for Azure Bastion – Console level access to VMs if they are unreachable via RD

List of deliverable

  • Quick Reference Guide: Optum_Epic on Azure Infrastructure - Quick Reference Guide.xlsx
  • Low-level Design Document: Low-Level_Design_v1.0.docx
  • ECSA Discovery Documents: ECSA
  • Deployment Plans: Deployment Plan
  • Epic IP Address Allocation: EPIC IP Address Allocation-100%CDO.xlsx
  • Network Architecture Diagram: Optum - Network Diagrams Draft v2.6-updated2.vsdx

Architecture & Business Continuity (DR considerations/config for specific environments)

  • This will be applicable for Production. It is not applicable for non-prod

Server configuration detail

  • Please see the Bill of Materials that were used to request the infrastructure that has been deployed here: Deployed

Application Config details

  • This will be applicable for Production. It is not applicable for non-prod.

Monitoring

  • System Pulse has been configured to match on-prem Alert Defs and users have been added to appropriate groups. Please ensure your account has Administrator access, the ECSA alerting group members are up-to-date, and that all the appropriate alerts are configured. (https://systempulse.uhc.com/SystemPulse)
    • SMTP server: mailo2.uhc.com
    • Netscaler VIP Status
    • Follow up with Benny on read account to look at VIP status and configuration ("followed up with Benny 4/22 -jm")
    • Domain account? Local account?

SOP for admin tasks (e.g. add new disk, expand disk, upgrade SKU, add new machine, start/stop server, etc.)

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Patching Schedule/Process

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Accenture Team will provide Hypercare through Friday, April 18, 2025; Optum’s ECSA team will take over ongoing support for this environment starting Monday, April 21, 2025.

Acknowledgement section

NameOrganizationAcknowledged
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture