Each week, the CMS Cloud program provides a list of upcoming changes, maintenance windows, and updates to help customers build awareness and plan effectively and summarizes changes from the previous week.
This newsletter includes:
Completed change summary for the week of 9/4/2025
- 9/6/2025 - Splunk Universal Forwarder Agent Upgrade to 9.4.2
- 9/6/2025 - DevOps Services Maintenance
- 9/7/2025 - Marketplace SSM patching - PROD
- 9/7/2025 - Restart Production and Non-Prod HEC Servers
To learn details about previous changes please go to the News and Updates section on cloud.cms.gov. (Secure Access required)
For Patching and Gold Image release schedule please view :Patching and Gold Image Release Calendar - 2025
9/12/2025 - Patch Splunk to version 9.4.4 - Splunk-DC/MAG/GovCloud
Summary:
The CMS Hybrid Cloud logging services team will perform maintenance patching to update Splunk enterprise to version 9.4.4. These patches will be applied to Splunk servers in Splunk-DC, MAG and GovCloud Splunk production environments.
Actions we are taking:
Splunk application maintenance patching on Splunk servers within the following accounts:
- Splunk-DC prod environment
- Microsoft Azure (MAG) Splunk prod environment
- AWS Splunk GovCloud prod environment
When is this happening?
Start Time: Friday, 9/12/2025 at 7:00 p.m. ET
End Time: Friday, 9/12/2025 at 11:00 p.m. ET
Who will be impacted?
All customers using Splunk tool in Splunk-DC, MAG, and GovCloud
What is the impact?
Users of the Splunk tool can experience brief periods where search performance is slow or degraded while servers are being restarted after the patch is applied.
9/12/2025 - Splunk GovCloud Maintenance
Summary:
In order to keep up to date with the latest versions and security advisories, the CMS Hybrid Cloud team will be performing maintenance updates on Splunk GovCloud.
Actions we are taking:
- Enable dual stack for load balancers and EC2 Instances
- Add security group ingress rules for HEC load balancer endpoint to restrict inbound access to Splunk.
- Encrypt EBS volumes on indexers for security compliance.
- Scale up deployment server EC2 instance.
- Update Splunk instances with the latest silver image
When is this happening?
Start Time: Friday, 9/12/2025 at 7:00 p.m. ET
End Time: Saturday, 9/13/2025 at 10:30 p.m. ET
Who will be impacted?
MITG MSI, EMM and CCIC search heads peered to the Splunk environment.
What is the impact?
Due to maintenance the environment will have a short impact on service availability of the GovCloud environment. Some users will be impacted and will need to rerun queries or refresh dashboards.
9/13/2025 - Patch Splunk to version 9.4.4 - Cloud Splunk Prod and OC environments
Summary:
The CMS Hybrid Cloud logging services team will perform maintenance patching to update Splunk enterprise to version 9.4.4. These patches will be applied to Splunk servers in ITOPS Splunk production and OC environments.
Actions we are taking:
Splunk application maintenance patching on Splunk servers within the following accounts:
- ITOPS Splunk prod environment
- OC prod environment
When is this happening?
Start Time: Saturday, 9/13/2025 at 9:00 a.m. ET
End Time: Saturday, 9/13/2025 at 5:00 p.m. ET
Who will be impacted?
All customers using Splunk tool in ITOPS Production and OC environments
What is the impact?
Users of the Splunk tool could experience brief periods where search performance is slow or degraded while servers are being restarted after the patch is applied.
9/13/2025 - Enterprise TestRail Service Maintenance
Summary:
The CMS Enterprise Agile Tools team will conduct scheduled maintenance on Enterprise TestRail, during which the system will be unavailable, as outlined below.
Actions we are taking:
- Reboot the Enterprise (OIT) TestRail Production environment to remediate a security vulnerability.
When is this happening?
Start Time: Saturday, 9/13/2025 at 8:00 a.m. ET
End Time: Saturday, 9/13/2025 at 10:00 a.m. ET
Who will be impacted?
All Enterprise TestRail Users
What is the impact?
Enterprise Testrail (https://testrailent.cms.gov/ will be unavailable.
9/13/2025 - Restart Production and Non-Prod HEC Servers
Summary:
The CMS Hybrid Cloud Splunk team will perform a rolling restart of the HEC Splunk Services. This will be performed weekly as part of Open Enrollment activities.
Actions we are taking:
- Restarting the Prod and Non-Prod HEC Forwarders
When is this happening?
Start Time: Sunday 9/13/2025 at 8:00 p.m. ET
End Time: Sunday, 9/13/2025 at 11:00 p.m. ET
Who will be impacted?
MITG and MSI
What is the impact?
This change has low impact. We have 45 prod HEC services and 18 Non-Prod and we only restart 5 at a time. The majority of load balanced HEC servers will be available as the restarts progress and they have sufficient capacity to handle all ingest streams.
9/17/2025 - Azure Update Manager Patching - DEV/TEST/IMPL
Summary:
As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 9/17/2025 at 5:00 p.m. ET. The week's patches will impact the DEV/TEST/IMPL environment for the affected MAG applications noted below.
Actions we are taking:
- MAG DEV/TEST/IMPL
- MAG Linux & Windows Vulnerability Patching
When is this happening?
Start Time: Wednesday, 9/17/2025 at 5:00 p.m. ET
End Time: Wednesday, 9/17/2025 at 11:00 p.m. ET
Who will be impacted?
RG-SS-LDAP-PROXY-DEV
RG-SS-LDAP-PROXY-VAL
What is the impact?
Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.
9/17/2025 - Non-Marketplace SSM Patching - DEV/TEST/IMPL
Summary:
As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 9/17/2025 at 5:00 p.m. ET. The week's patches will impact the DEV/TEST environment for the affected Non-Marketplace applications noted below.
Actions we are taking:
- Non-Marketplace DEV/TEST/IMPL
- SSM Linux & Windows Vulnerability Patching
When is this happening?
Start Time: Wednesday, 9/17/2025 at 5:00 p.m. ET
End Time: Wednesday, 9/17/2025 at 11:00 p.m ET
Who will be impacted?
CEDAR, Million Hearts, FFSDCS, RASS, OC Base- eLDAP, SC CLIA, NTP LMS, Spott MACBIS, MDP, OC Base- WNMG, NEIL/HRES, OC Base- EWST, MacFin, eAPD Hi-C, OC Base- CMS Cloud Legacy, OC Base- DevSecOps SecDevOps, iServ, MDP, PECOS2.0, SEI, OC Base- PWSS, TRA, CMS ARTS, MCIM, RAD Analysis Tools, MCIM, Perm, CMS Cloud - CRE, CMS Cloud - Enterprise Agile Tools, CMS Cloud tamer, CMS Cloud - CARD, CMS Cloud - ECS Fargate, CMS Cloud - Direct Connect, CMS Cloud - Jfrog SonarCube, CMS Cloud - DNS Prod, CMS Cloud - SRE, CMS Cloud - Governance 2.0, MEOWx, CMS Cloud - CloudBees Jenkins, CMS Cloud - CET, CMS Cloud - DevSecOps, CMS Cloud - Utilities, CMS Cloud - Testrail, CMS Cloud - CircleCI, CMS Cloud - Sam GSS Security GovCloud, SWIFT, AWS HEIDI, MDX, MSPSC
MEPBS, EACMS, MacPro, PS&R, RDS, OC Base- APIM GEO, 1115 PMDA, CMS Cloud - Governance 2.0, CMS Cloud - QuickDNS, CMS Cloud - CMSNet, CMS Cloud - CCG Web Content, CMS Cloud - Network Arch, CMS Cloud - VPC Automation, CMS Cloud - Security Team, CMS Cloud - CCG Web Content, CMS Cloud Temporal, CMS Cloud - Splunk, CMS Cloud - CET, AWS GSS Security GC, occonfluence, ocjira, miniorange, ocsonarqube, MTF-PM, NDW, MacFin, MTF-DM
What is the impact?
Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.
9/17/2025 - Marketplace SSM Patching - DEV/TEST
Summary:
As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 9/17/2025 at 5:00 p.m. ET. The week's patches will impact the DEV/TEST environment for the affected Marketplace applications noted below.
Actions we are taking:
- Marketplace DEV/TEST
- SSM Linux & Windows Vulnerability Patching
When is this happening?
Start Time: Wednesday, 9/17/2025 at 5:00 p.m. ET
End Time: Wednesday, 9/17/2025 at 11:00 p.m. ET
Who will be impacted?
FFM_Opera, FFM_QAO XES - CyberArk, OCEAN, VAMS, TWS, XES - XOC Tools, SERVIS, FFM_Shared_Services, FFM MLMS, XES - MSI Tech Lab, FFM_FM, FFM_TWS, FFM_PM, XES - Service Virtualization, CMS Cloud - Advanced Monitoring
DSRS, FFM, FFM DSH, FFM EDI, FFM EFT, FFM ESDCU, MCR, FLH, OC Base- FLH, OC Base PET, FFM_MNPS
What is the impact?
Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.
Need help? We are here to support you.
If you have any questions, don't hesitate to reach out to your assigned Hosting Coordinator. CMS IT Support can be reached via cloudsupport@cms.hhs.gov, or call (800) 562-1963, and is documented here at Support Page on cloud.cms.gov.
Reminder - Open Enrollment (OE13) - Moratorium
Summary:
To help ensure that we maintain good system performance and stability during CMS Healthcare Open Enrollment, an annual Moratorium period has been established to shift the scheduling of production changes into designated weekly maintenance windows which occurs on most Sundays.
Key Dates: (click to download the EO13 schedule and key dates pdf file)
Start time: Wednesday, October 1st 2025 at 12:00 AM
End time: Friday, January 16th 2025 at 5:00 AM
October 1 - Start of Moratorium
October 5, 12, 19 – Available Maintenance Window (Sunday, 12:00 AM – 12:00 PM)
- October 5 is also the Production patching date for the September (Delta) patching cycle - this will be the last patching prior to OE for 2026
- October 24 is also planned FFE Pre OE October release code deployment at midnight
Who will be impacted:
Any Hybrid Cloud IT Operations team planning to make a change to a system supporting the CMS Healthcare Marketplace either directly or indirectly.
Reminder - New DLTA Version v3.2.5a Now Available!
Summary:
The new version of DLTA (v3.2.5a), now using Node.js 20, is available in the AWS Service Catalog.
This update ensures compatibility with AWS Lambda, as Node.js 18 was deprecated on September 1st 2025. We recommend updating to this version to maintain support and avoid disruptions.
Actions:
The DLTA v3.2.5a version was released to AWS Service Catalog on August 14. It upgrades Lambda NodeJS version from 18 to 20.
Reference:
|