CMS Hybrid Cloud Weekly change newsletter 4/16/2026
Centers for Medicare & Medicaid ServicesCMS Hybrid Cloud

Weekly change newsletter 4/16/2026

Each week, the CMS Hybrid Cloud program provides a list of upcoming changes, maintenance windows, and updates to help customers build awareness and plan effectively and summarizes changes from the previous week.

This newsletter includes:

Completed change summary for the week of 4/9/2026

  • 4/13/2026 - SecureAuth enforcement of 15‑character passwords for service accounts

To learn details about previous changes please go to the News and Updates section on cloud.cms.gov. (Secure Access required)

For Patching and Gold Image release schedule please view: Patching and Gold Image Release Calendar - 2026

4/17/2026 - Update the audit log files rotation on Prod HEC servers

Summary:

The Splunk team is updating audit log files rotation as new files keep being added without any retention set.This updating audit log files rotation will clear the space on server and address any new logs files.

Actions we are taking:

Update max log file to rotate.

When is this happening?

Start Time: Friday, 4/17/2026 at 5:00 p.m. ET

End Time:  Friday, 4/17/2026 at 6:00 p.m. ET

Who will be impacted?

No user impact expected.

What is the impact? 

No impact.

4/17/2026 - Migrate Splunk Indexers from AL2 to AL-2023

Summary:

Current Indexers are on AL-2 which are approaching End of Life by June 2026. The Indexers are being migrated to AL-2023.

Actions we are taking:

Adding new Indexers which will be using AL-2023 to the cluster master and removing the old AL2 Indexers.

When is this happening?

Start Time: Friday, 4/17/2026  at 5:00 p.m. ET

End Time:  Sunday, 4/19/2026  at 11:00 p.m. ET

Who will be impacted?

End users can experience some latency when performing ad-hoc searches. Additionally, as data changes are being propagated, dashboards may load slowly or display incomplete data.

What is the impact? 

Migrating Splunk Indexers can impact the following environments:

CICC Search Head Peering
DRaaS ITSI Search Heads
MITG/MSI ITSI Search Heads
Enterprise ITSI Search Heads

4/18/2026 - DevOps Services Maintenance

Summary:

CMS Hybrid Cloud will be performing maintenance updates on its DevOps tools.

Actions we are taking:

  • The below describes the work Cloud DevOps will be performing: 

    Jfrog: 

    • Update the EKS Add-ons
    • Update the EKS optimized AMI for Jfrog EKS Cluster
    • Update the version Cluster Operation tools
    • Update version of Artifactory, Xray, and Snyk Universal Broker
    • Deploy EKS Pod Identities for VPC CNI & EBS CSI Driver
    • Deploy Karpenter and decommission Cluster AutoScaler for EKS node Management
    • Update the Artifactory ALB to be managed via AWS ALB Controller

    CB Jenkins:

    • Update EKS Nodes AMIs
    • Update EKS add-ons and supporting components
    • Upgrade CB Jenkins CI APP version for OC & Manage controllers

    SonarQube:

    • Upgrade SonarQube version to 2026.2.1.121354
    • Upgrade the Node AMI to the latest AMI release from SecOps

When is this happening?

Start Time: Saturday, 4/18/2026 at 9:00 p.m. ET

End Time:  Sunday, 4/19/2026 at 1:00 a.m. ET

Who will be impacted?

All AWS Commercial and GovCloud customers of SonarQube, CloudBees, JFrog.

What is the impact? 

Customers should expect a short downtime for each service as instances are restarted within the maintenance window.

4/18/2026 - Enterprise Confluence Maintenance

Summary:

Enterprise Confluence (https://confluenceent.cms.gov/) maintenance activity on Saturday, beginning at 7:00 a.m. ET

Actions we are taking:

  • Upgrade Enterprise Confluence RDS (PostgreSQL) to 17.9

When is this happening?

Start Time: Saturday, 4/18/2026 at 7:00 a.m. ET
End Time: Saturday, 4/18/2026 at 1:00 p.m. ET

Who will be impacted?

All Enterprise Confluence Users.

What is the impact? 

Enterprise Confluence (https://confluenceent.cms.gov/)  production instance will be unavailable during the maintenance window outlined above.

Questions:

Please send an email to Agile Tools Support: AGILETOOLS@cms.hhs.gov

4/22/2026 - Non-Marketplace SSM Patching - DEV/TEST/IMPL

Summary:

As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 4/22/2026 at 6:00 p.m. ET.  The week's patches will impact the DEV/TEST/IMPL environment for the affected Non-Marketplace applications noted below.

Actions we are taking:

  • Non-Marketplace DEV/TEST/IMPL
  • SSM Linux & Windows Vulnerability Patching

When is this happening?

Start Time: Wednesday, 4/22/2026 at 6:00 PM. ET

End Time:  Wednesday, 4/22/2026 at 11:00 p.m. ET

Who will be impacted?

CEDAR, Million Hearts, FFSDCS, RASS, OC Base- eLDAP, SC CLIA, NTP LMS, Spott MACBIS, OC Base- WNMG, NEIL/HRES, OC Base- EWST, MacFin, eAPD Hi-C, OC Base- CMS Cloud Legacy, OC Base- DevSecOps SecDevOps, iServ, MDP, PECOS2.0, SEI, OC Base- PWSS, TRA, CMS ARTS, MCIM, RAD Analysis Tools, MCIM, Perm,  CMS Cloud - CRE, CMS Cloud - Enterprise Agile Tools, CMS Cloud tamer, CMS Cloud - CARD, CMS Cloud - ECS Fargate, CMS Cloud - Direct Connect, CMS Cloud - Jfrog SonarCube, CMS Cloud - DNS Prod, CMS Cloud - Governance 2.0, MEOWx, CMS Cloud - CloudBees Jenkins, CMS Cloud - CET, CMS Cloud - DevSecOps, CMS Cloud - Utilities, CMS Cloud - Testrail, CMS Cloud - CircleCI, CMS Cloud - Sam GSS Security GovCloud, SWIFT, AWS HEIDI, MDX, MSPSC, QMAC, ESS-TOOLS, QCOR

MEPBS, EACMS, MacPro, PS&R, RDS, OC Base- APIM GEO, 1115 PMDA, CMS Cloud - Governance 2.0, CMS Cloud - QuickDNS, CMS Cloud - CMSNet, CMS Cloud - CCG Web Content, CMS Cloud - Network Arch, CMS Cloud - VPC Automation, CMS Cloud - Security Team, CMS Cloud - CCG Web Content, CMS Cloud Temporal, CMS Cloud - Splunk, CMS Cloud - CET, AWS GSS Security GC, occonfluence, ocjira, miniorange, ocsonarqube, MTF-PM,  NDW, MacFin, MTF-DM, PECOS-OM, NGD

What is the impact? 

Patches will be applied to the affected areas and reboots where tags are applied 

.4/22/2026 - Marketplace SSM Patching - DEV/TEST

Summary:

As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 4/22/2026 at 6:00 p.m. ET.  The week's patches will impact the DEV/TEST environment for the affected Marketplace applications noted below.

Actions we are taking:

  • Marketplace DEV/TEST
  • SSM Linux & Windows Vulnerability Patching

When is this happening?

Start Time: Wednesday, 4/22/2026  at 6:00 p.m. ET

End Time:  Wednesday, 4/22/2026  at 11:00 p.m. ET

Who will be impacted?

FFM_Opera, FFM_QAO, VAMS, TWS, XES - XOC Tools, SERVIS, FFM_Shared_Services, FFM MLMS, XES - MSI Tech Lab, FFM_FM, FFM_TWS, XES - Service Virtualization, CMS Cloud - Advanced Monitoring

DSRS, FFM, FFM DSH, FFM EDI, FFM EFT, FFM ESDCU, MCR, FLH, OC Base- FLH, OC Base PET, FFM_MNPS

What is the impact? 

Patches will be applied to the affected areas, reboots may take places where tags are applied.

4/22/2026 - MAG  - Azure Update Manager Patching - DEV/TEST/IMPL 

Summary:

As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 4/22/2026 at 6:00 p.m. ET.  The week's patches will impact the DEV/TEST/IMPL environment for the affected MAG applications noted below.

Actions we are taking:

  • MAG DEV/TEST/IMPL
  • MAG Linux & Windows Vulnerability Patching

When is this happening?

Start Time: Wednesday, 4/22/2026 at 6:00 p.m. ET

End Time:  Wednesday, 4/22/2026 at 11:00 p.m. ET

Who will be impacted?

Subscription:
CMS.VDC-CCS.IUSG.SharedServices.001.AG
ScopeInfoTech-CM-HEDIS PLD-005


Resource Group with Reboot:
RG-SS-LDAP-PROXY-DEV
RG-SS-LDAP-PROXY-VAL


Resource Group with No Reboot:
RG-AZE-HEDISPLD-DEV
RG-AZE-HEDISPLD-VAL

What is the impact? 

Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.

4/22/2026 - Azure Commercial -  Azure Update Manager Patching - DEV/TEST/IMPL 

Summary:

As part of our normal patching, the CMS Hybrid Cloud team will apply the latest Windows and Linux patches on Wednesday, 4/22/2026 at 6:00 p.m. ET.  The week's patches will impact the DEV/TEST/IMPL environment for the affected Azure commercial applications noted below.

Actions we are taking:

  • Azure Commercial DEV/TEST/IMPL
  • Azure Commercial Linux & Windows Vulnerability Patching

When is this happening?

Start Time: Wednesday, 4/22/2026 at 6:00 p.m. ET

End Time:  Wednesday, 4/22/2026 at 11:00 p.m. ET

Who will be impacted?

Subscription:

azure-comm-ea-cms-iusg-gss-patching-prod

azure-comm-ea-cms-iusg-gss-goldimage-prod

azure-comm-ea-cms-iusg-gss-smtp-nonprod

azure-comm-ea-cms-iusg-gss-smtp-prod

azure-comm-ea-cms-iusg-gss-vdi-nonprod

azure-comm-ea-cms-iusg-gss-vdi-prod 

azure-comm-ea-cms-iusg-gss-securitycomp-prod

azure-comm-ea-cms-iusg-gss-logging-nonprod

azure-comm-ea-cms-iusg-gss-logging-prod

azure-comm-ea-cms-iusg-gss-nerdio-prod

azure-comm-ea-cms-iusg-gss-security-prod 

azure-comm-ea-cms-iusg-gss-security-nonprod

azure-comm-ea-cms-iusg-gss-identity-prod

azure-comm-ea-cms-iusg-gss-securityauto-prod

azure-comm-ea-cms-iusg-gss-bigfix-prod

azure-comm-ea-cms-iusg-gss-connectivity-prod

azure-comm-ea-cms-iusg-gss-dataprotect-dev

azure-comm-ea-cms-iusg-gss-zscaler-prod

azure-comm-ea-cms-iusg-gss-dataprotect-prod

azure-comm-ea-cms-iusg-gss-dataprotect-test

azure-comm-ea-cms-iusg-gss-infoblox-prod

What is the impact? 

Patches will be transmitted to the affected areas. For some customers, reboots may occur depending upon the tags applied.

Need help? We are here to support you.

If you have any questions, don't hesitate to reach out to your assigned Hosting Coordinator. CMS IT Support can be reached via cloudsupport@cms.hhs.gov, or call (800) 562-1963, and is documented here at Support Page on cloud.cms.gov.

You are subscribed to receive email messages about CMS Cloud Operations, Changes, and Outages from the Centers for Medicare & Medicaid Services (CMS).
This email was sent to NPrm5pk4s@niepodam.pl using GovDelivery Communications Cloud 7500 Security Boulevard · Baltimore MD 21244