Navigation
OperationsUpdated July 3, 2026

ECSA WMPI - Knowledge Transfer

operationsknowledge-transferecsaclinical-systemswmpiazureepicnon-prod

ECSA Epic on Azure Knowledge Transfer (WMPI)

The following Optum and Accenture team members were identified as key stakeholders for ECSA related knowledge transfer:

NameOrganization
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture

The following items were identified as requiring Knowledge Transfer to transition the in-scope environments to the Optum ECSA team for ongoing support:

Server names and corresponding Epic groups

  1. East Non-Prod VMs: Current_Machines_in_Kuiper_West.csv
  2. Kuiper URL: https://kuiper.uhc.com
  3. System Pulse URL: https://systempulse.uhc.com

Confirm Server Access & corresponding tools required for access

  • Ensure access to Hashicorp Vault https://vault.uhg.com

  • Namespaces: Aide-0085665 (West), Aide-0085666 (East)

  • Used for Static secrets

  • Local admin passwords

  • Reference the workspace tag on the VM. The password is present within kv/data/<workspace tag value> in vault

  • EMPs or ESMP passwords

  • Kuiper AES password

  • SystemPulse Role Edit Password

  • SPAdmin

  • Etc.

  • Ensure access to Cyberark (same as on-prem) https://cyberark.optum.com/PasswordVault/v10/logon

  • View and Copy service account passwords

  • Domain based secrets

  • Epic service accounts: Epic on Azure Service Accounts.xlsx

  • It is now accessible from Cloud SAW

  • Ensure access to Cloud SAW

  • VMWare Horizon

  • Cloud SAW is the preferred way to RDP into Azure VMs

  • Request Cloud SAW access via Secure

  • Application: Secure Workbench

  • Choose Create New ID to populate with Secondary ID

  • If one does not exist, it will create a secondary ID for use.

  • Role: Cloud SAW

  • Ensure your elevated credentials are in the AD group below:

  • GPO is applied to Epic on Azure Windows VMs to allow admin access to this AD group

  • Check adlookup.optum.com to ensure access has been granted

Azure Access

  • Ensure login and access to Virtual Machine details located in the portal (https://portal.azure.com)
  • Contributor Access in Azure - Access is controlled by Optum. A request will have to be submitted to obtain this level of access. Managed by Optum Cloud Operations
  • Use for Azure Bastion - Console level access to VMs if they are unreachable via RDP

List of deliverables

  • Quick Reference Guide: Optum_Epic on Azure Infrastructure - Quick Reference Guide.xlsx
  • Low-level Design Document: Low-Level_Design_v1.0.docx
  • ECSA Discovery Documents: ECSA
  • Deployment Plans: Deployment Plan
  • Epic IP Address Allocation: EPIC IP Address Allocation-100%CDO.xlsx
  • Network Architecture Diagram: Optum - Network Diagrams Draft v2.6-updated2.vsdx

Architecture & Business Continuity (DR considerations/config for specific environments)

  • This will be applicable for Production. It is not applicable for non-prod.

Server configuration details

  • Please see the Bill of Materials that were used to request the infrastructure that has been deployed here: Deployed

Application Config details

  • This will be applicable for Production. It is not applicable for non-prod.

Monitoring

  • System Pulse has been configured to match on-prem Alert Defs and users have been added to appropriate groups. Please ensure your account has Administrator access, the ECSA alerting group members are up-to-date, and that all the appropriate alerts are configured. (https://systempulse.uhc.com/SystemPulse)
    • SMTP server: mailo2.uhc.com
  • Netscaler VIP Status
    • Read access on the NetScaler Console can be acquired by reaching out to Benny Contreras. This will allow you to see the entirety of the environment and run analytics as well.
    • Domain account? Local account?

SOP for admin tasks (e.g. add new disk, expand disk, upgrade SKU, add new machine, start/stop server, etc.)

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Patching Schedule/Process

  • This is out of scope for the Epic on Azure team and details should be shared by Cloud Operations.

Accenture Team will provide Hypercare through Friday, April 18, 2025; Optum’s ECSA team will take over ongoing support for this environment starting Monday, April 21, 2025.

Acknowledgement section

NameOrganizationAcknowledged
Jordan LambertOptum
Jerry BennettOptum
Damian CardosoOptum
Moses Preston-HolderOptum
Michael MansfieldOptum
Matthew SenterAccenture
Charles PahlAccenture
Jonathan SaucierAccenture