Navigation
OperationsUpdated July 3, 2026

ECSA West WPRD - Knowledge Transfer

operationsknowledge-transferecsaclinical-systemswprdproductionwest-regionazureepic

ECSA Epic on Azure Knowledge Transfer (West WPRD)

The following Optum and Accenture team members were identified as key stakeholders for ECSA related knowledge transfer:

NameOrganization
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture

The following items were identified as requiring Knowledge Transfer to transition the in-scope environments to the Optum ECSA team for ongoing support:

Server names and corresponding Epic groups

  1. West/Lead Non-Prod VMs: Current Machines in Kuiper.csv

  2. Kuiper URL: https://kuiper.uhc.com

  3. System Pulse URL: https://systempulse.uhc.com

Confirm Server Access & corresponding tools required for access

  • Ensure access to Hashicorp Vault https://vault.uhg.com

  • Namespaces: Aide-0085665 (West), Aide-0085666 (East)

  • Used for Static secrets

  • Local admin passwords

  • Follow-up with Infrastructure team to get naming decoder ring for local admin passwords Followed up with Indhu and Jeff 4/22 -

  • Ms service accounts

  • Cloudtest infrastructure – ONLY Epic infrastructure in msnonprod domain

  • Msnonprod.dsnonprod.uhc.com

  • EMPs or ESMP passwords etc.

  • Ensure access to Cyberark (same as on-prem) https://cyberark.optum.com/PasswordVault/v10/logon

  • View and Copy service account passwords

  • Domain based secrets

  • Epic service accounts: Epic on Azure Service Accounts.xlsx

  • It is now accessible from Cloud SAW

  • Ensure access to Cloud SAW

  • VMWare Horizon

  • Cloud SAW is the preferred way to RDP into Azure VMs

  • Request Cloud SAW access via Secure

  • Application: Secure Workbench

  • Choose Create New ID to populate with Secondary ID

  • If one does not exist, it will create a secondary ID for use.

  • Role: Cloud SAW

  • Ensure your elevated credentials are in the AD group below:

  • GPO is applied to Epic on Azure Windows VMs to allow admin access to this AD group

  • Check adlookup.optum.com to ensure access has been granted

Azure Access

  • Ensure log in and access to Virtual Machine details located in the portal https://portal.azure.com

  • Currently not aware of the process to get “Contributor” access in Azure – Placeholder follow-up – Optum Cloud Operations – Followed up with Indhu and Jeff – 4/22 jm

  • Use for Azure Bastion – Console level access to VMs if they are unreachable via RDP

List of deliverables

  • Quick Reference Guide: Optum_Epic on Azure Infrastructure - Quick Reference Guide.xlsx
  • Low-level Design Document: Low-Level_Design_v1.0.docx
  • ECSA Discovery Documents: ECSA
  • Deployment Plans: Deployment Plan
  • Epic IP Address Allocation: EPIC IP Address Allocation-100%CDO.xlsx
  • Network Architecture Diagram: Optum - Network Diagrams Draft v2.6-updated2.vsdx

Architecture & Business Continuity (DR considerations/config for specific environments)

  • This will be applicable for Production. It is not applicable for non-prod.

Server configuration details

  • Please see the Bill of Materials that were used to request the infrastructure that has been deployed here: Deployed

Application Config details

  • This will be applicable for Production. It is not applicable for non-prod.

Monitoring

  • System Pulse has been configured to match on-prem Alert Defs and users have been added to appropriate groups. Please ensure your account has Administrator access, the ECSA alerting group members are up-to-date, and that all the appropriate alerts are configured. (https://systempulse.uhc.com/SystemPulse)
  • SMTP server: mailo2.uhc.com
  • Netscaler VIP Status
  • Follow up with Benny on read account to look at VIP status and configuration ("followed up with Benny 4/22 -jm")
  • Domain account? Local account?

SOP for admin tasks (e.g. add new disk, expand disk, upgrade SKU, add new machine, start/stop server, etc.)

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Patching Schedule/Process

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Accenture Team will provide Hypercare through Friday, April 18, 2025; Optum’s ECSA team will take over ongoing support for this environment starting Monday, April 21, 2025.

Acknowledgement section

NameOrganizationAcknowledged
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture