RDC OMOP Nifi Reference

This template provides an outline and example content to help ensure the relevant details are captured for the Nifi server hosted in Azure. Please remove example content and subsections that do not apply to the specific instance.

General Information

Server Names: RDC OMOP Databases

Name (portal Link) Subscription Resource group Region Environment Deployment date
i2rdc3-prod-nifi01 I2 - RDC 2.0 Azure POC - Prod i2rdc3-prod-rg-main Central US Production TBD
i2rdc3-prod-nifi02 I2 - RDC 2.0 Azure POC - Prod i2rdc3-prod-rg-main Central US Production TBD
i2rdc3-prod-nifi03 I2 - RDC 2.0 Azure POC - Prod i2rdc3-prod-rg-main Central US Production TBD
i2rdc3-qa-nifi01 I2 - RDC 2.0 Azure POC - QA i2rdc3-qa-rg-main Central US Quality Assurance TBD
i2rdc3-qa-nifi02 I2 - RDC 2.0 Azure POC - QA i2rdc3-qa-rg-main Central US Quality Assurance TBD
i2rdc3-qa-nifi03 I2 - RDC 2.0 Azure POC - QA i2rdc3-qa-rg-main Central US Quality Assurance TBD
i2rdc3-dev-nifi01 I2 - RDC 2.0 Azure POC - Dev i2rdc3-dev-rg-main Central US Development TBD
i2rdc3-dev-nifi02 I2 - RDC 2.0 Azure POC - Dev i2rdc3-dev-rg-main Central US Development TBD
i2rdc3-dev-nifi03 I2 - RDC 2.0 Azure POC - Dev i2rdc3-dev-rg-main Central US Development TBD

Owner: Snehil Gupta (Data Warehouse Team)

Technical contacts:

  • Warren Thomas (Data Warehouse Team)
  • David Osipov (TPI Team)
  • Chris Lundenberg (TPI Team)

Purpose and Description

  • Purpose of these Application Servers:
    • provide Nifi ETL services for RDC ETL operations

Application/Service Dependencies

- need more explanation

Networking and Connectivity

  • Firewall Rules:

    • Allow Azure services: Enabled / Disabled
    • Public IPs Allowed:
      Rule Name Start IP End IP Description
      office 40.112.65.100 40.112.65.100 Office network
      vpn 10.0.0.0 10.0.0.255 On-premises VPN tunnel
  • Private Endpoint:

    • Enabled / Disabled
    • Private Link Resource: sqlserver-name.privatelink.database.windows.net
    • VNet/Subnet: vnet-data-prod/subnet-db-private
  • DNS Zone Integration:

    • Private DNS Zone: privatelink.database.windows.net

Authentication and Access

  • Authentication Mode: SQL / Azure AD / Mixed
  • Active Directory Admin: sqladmin@domain.com
  • SQL Admin Login: sqladmin
  • Key Vault: [Key vault name](portal link)

Access Control Policies

  • Roles assigned to users and groups
  • RBAC assignments for key vault access if using CMK

Security Configuration

Encryption

Auditing

  • Auditing Enabled: Yes
  • Destination: Log Analytics Workspace / Storage Account
  • Retention: 90 Days

Advanced Threat Protection

  • Status: Enabled
  • Alerts configured: Email to security@domain.com

Data Masking

  • Dynamic data masking rules configured: Yes / No

Performance and Sizing

  • Tier: General Purpose / Business Critical

  • vCores: 4 / 8 / 16

  • Storage Size (per DB): e.g. 100 GB

  • I/O Throughput Tier: Standard / Premium

  • Query Store: Enabled

  • Index Management Strategy: Manual / Automated

Backup and Restore

  • Automated Backups: Enabled
    • Retention: 7 / 14 / 35 days
  • Long-Term Retention (LTR):
    • Configured for DB: Yes / No
    • Retention Duration: 1 year
  • Geo-Backup: Enabled
  • Restore Tested: Yes – last tested on YYYY-MM-DD

Monitoring and Alerting

Monitoring Tools/Process

  • Azure Monitor / Log Analytics / SQL Insights
  • Diagnostic Settings: Enabled

Alerts Configured

Alert Name Metric Threshold Action Group
High CPU CPU > 85% 15 mins dba-alerts@domain.com
Blocked Processes Block count >5 10 mins slack-dba, pagerduty

Maintenance Procedures

  • Patch Management:

    • Maintenance window: Configured / Default
  • Index Optimization:

    • Schedule: Weekly on Sunday at 3 AM
    • Script Location: scripts/optimize_indexes.sql
  • Statistics Update:

    • Auto Update Stats: Enabled

Disaster Recovery

  • DR Playbook Location: [Link to SOP or internal docs]

Change Management

Schema Deployment Process

  • Git-based, CI/CD with Azure DevOps pipelines
  • Approval process: Change board / Team lead
  • Link to guide

Rollback Process

Known Issues

  • e.g., "Intermittent deadlocks on ReportingDB during ETL window"
  • e.g., "Connection pool saturation under BI load"

Contact and Support

  • Name (Email)

  • Submit Request

  • Additional Support:
    Microsoft Unified Support
    SLA Tier: Premium


Updated on August 7, 2025