automation-ops
latest
false
Automation Ops User Guide
Automation CloudAutomation Cloud Public SectorAutomation Suite
Last updated Oct 23, 2024

Deploy Governance Policies

You can deploy policies at tenant, group, and user level for each product. Policies deployed at tenant level are applied to all the users in that tenant. For more granularity, you can apply different policies to specific groups or specific users. Deployments defined at user level override deployments at group level, which in turn override those at tenant level.

Important:

If you were previously using file-based governance, when you visit the Deployment page for the first time, Automation Ops™ overwrites any existing file-based governance in your environment.

As it is expected that any file-based governance to no longer apply, make sure you import your already existing policies to Automation Ops™ and deploy them from here.

In addition to the custom policies you define in Automation Ops™, two default deployment options are available for each product:

  • No Policy - Disables the enforcement of a governance policy from Automation Ops™ at the user, group, or tenant level.
  • Inherit - Inherits the governance policy from the higher level (user inherits from group and group inherits from tenant).

The policy that is applied for a product to a user is determined in the following order:

  1. When a policy is deployed at user level, the policy is applied to the user.

    • If a custom policy created in Automation Ops™ is selected, the policy overrides any policy deployed at group or tenant level.
    • If the No Policy option is selected, the product is not governed by Automation Ops™ for the user, overriding any policy deployed at group or tenant level.
    • If the Inherit option is selected, the policy defined at group level is applied. If one does not exist, the tenant-level policy is applied.
  2. When no policy deployment is defined at user level:

    • If the user is part of a group and a policy is deployed at group level, the group policy is applied to the user.

      • If a custom policy created in Automation Ops™ is selected, the policy overrides any policy deployed at tenant level.
      • If the No Policy option is selected, the product is not governed by Automation Ops™ for the user, overriding any policy deployed at tenant level.
      • If the Inherit option is selected, the policy defined at tenant level is applied.
    • If the user is part of multiple groups where a policy is deployed, the custom policy with the lowest priority value is applied to the user. If no custom policies are deployed at group level, any No Policy group deployment takes precedence over Inherit.
  3. When no policy deployment is defined at user or group level, the policy deployed at tenant level for the product is applied to the user.

    • If the No Policy option is selected, the product is not governed by Automation Ops™ for the user.
  4. For StudioX, Studio, and Studio Pro, when the product is not governed by Automation Ops™ (the No Policy option is applied to the user), the policy enforced using the file-based governance model is applied, if available.
Note:
The policies deployed from Automation Ops™ are applied when the user signs in to their account from the governed application. If the user is already signed in:
  • For Studio and Assistant, the policies are applied when the users restart the application.
  • For Studio Web, the policies are applied when the users sign out and then sign back in and refresh all open Studio Web tabs.

When Studio is governed using Automation Ops™, the policy name is displayed in the Help tab in Studio Backstage View. When hovering over the policy name, a tooltip is displayed that indicates Config source: Modern Governance.

Messages displayed in Studio windows that contain settings that are governed inform the user that functionality may be restricted by the company policy. For example, such a message appears in the Manage Sources tab in Studio Backstage View and in the Workflow Analyzer tab in the Project Settings window.

Deploy Policies at Tenant Level

  1. Navigate to Automation Ops™ from the left-side navigation bar.
  2. Select Governance > Deployments, and then select the Tenants tab.

    The tenants in the organization are displayed. You can click Refresh above the table on the page to update the list of tenants.

  3. Select the tenant for which to deploy policies.

    A list of license types available for the supported products is displayed. For each type of license, define policies for the products the license grants access to.

  4. Select a license type, and then, for each product in the Product column, select a policy from the dropdown in the Product Policy Column.
    • No License - Select policies for AI Trust Layer (Preview) and Studio Web.
    • Attended - Select policies for Assistant and Robot.
    • RPA Developer - Select policies for Studio, StudioX, Assistant, and Robot.
    • Automation Developer - Select policies for Studio Pro, Studio, StudioX, Assistant, and Robot.
    • Citizen Developer - Select policies for StudioX, Assistant, and Robot.
    • Unattended Robot - Select policies for Robot.
      Note: A policy deployed on the Unattended Robot license applies to any of the robot licenses: Production, Testing, NonProduction.

    By default, the No Policy option is selected for each product (no governance policy is deployed).

  5. Click Save to apply the changes.

Deploy Policies at Group Level

  1. Navigate to Automation Ops™ from the left-side navigation bar.
  2. Select Governance > Deployments, and then select the Groups tab. The groups for which policies have already been deployed are displayed. You can click Refresh above the table on the page to update the list of groups.
    • To deploy policies for a new group, click Deployment for Group above the table. The Add group dialog box is displayed on the right side of the page. Proceed to step 2.
    • To edit an existing group policy deployment, select the group in the table. The Edit group dialog box is displayed on the right side of the page. Proceed to step 3.
  3. If you chose to add a new group deployment, select the group from the Name box. Start typing the group name to find matches for groups without policy deployments.
  4. Select a policy for each product. By default, the policy deployed at tenant level (Inherit (Tenant)) is selected for each product. If you don't want to apply any policy to this group, select No policy.
  5. Click Save to apply the changes.

Deploy Policies at User Level

  1. Navigate to Automation Ops™ from the left-side navigation bar.
  2. Select Governance > Deployments, and then select the Users tab. The users for which policies have already been deployed are displayed. You can click Refresh above the table on the page to update the list of users.
    • To deploy policies for a new user, click Deployment for User above the table. The Add user dialog box is displayed on the right side of the page. Proceed to step 2.
    • To edit an existing user policy deployment, select the user in the table. The Edit user dialog box is displayed on the right side of the page. Proceed to step 3.
  3. If you chose to add a new user deployment, select the user from the Email box. Start typing the user name to find matches for users with no policy deployments.
  4. Optional To view the policies available for the user ordered by priority, click View Policy Inheritance at the bottom of the dialog.
  5. Select a policy for each product. By default, the policy deployed at group level is selected. If no policy is deployed for any group the user is assigned to, the policy deployed at tenant level for that product is selected by default. If you don't want to apply any policy to this user, select No policy.
  6. Click Save to apply the changes.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.