2023.10.0
Release date: April 25, 2024
- Automation Hub
- Process Mining
- Test Manager
- Insights
Release date: November 22, 2023
We have released a new version of UiPath.OrganizationMigrationApp, the tool helping you migrate from a standalone product to Automation Suite. The new version of the tool now enables you to migrate to Automation Suite 2023.10.0.
For more details, see Migrating standalone products to Automation Suite.
Release date: November 3, 2023
If you are already using Automation Suite on Linux, but you now think that Automation Suite on EKS/AKS would better cater to your needs, we have good news for you. Migrating to a new installation of Automation Suite on EKS/AKS is now possible.
Note that currently you cannot migrate from Automation Suite embedded to an existing installation of Automation Suite on EKS/AKS.
For details on the requirements, required data migration operations, and step-by-step instructions, see Migrating from Automation Suite on Linux to Automation Suite on EKS/AKS.
We are happy to announce that you can install Automation Suite on EKS/AKS in offline environments. That means that you can completely isolate your setup, and no internet access is needed to perform an installation.
While most of the installation flow is the same as the one for online deployments, there is one additional requirement that you must meet to carry out an offline installation. You need an OCI-compliant registry to store all the container images and binaries of the UiPath® products.
For detailed installation instructions, see Installing Automation Suite on EKS/AKS.
For details on the deployment types and architecture, see Deployment scenarios.
If you must comply with the Federal Information Processing Standard 140-2 (FIPS 140-2), we are happy to announce that you can now install Automation Suite on AKS nodes with FIPS 140-2 enabled.
We have prepared a set of instructions for you to easily enable FIPS 140-2 on the Security and compliance page.
We have made substantial enhancements to the external Docker registry. You can now benefit from these new functionalities:
-
Your external Docker registry can be equipped with its private certificate, giving you an additional layer of security.
-
In addition to the usage of a mirror registry script, which requires internet access to copy the Automation Suite artifacts, we now support the
hydrate-registry.sh
script. This script will take an offline tar bundle, unpack it, and upload its content directly to the external Docker registry, providing more flexibility and options for managing your registry.
external_object_storage.disable_pre_signed_url
flag to true
in the input.json
file during installation. Note that changing the value of this flag at a later point is not possible.
Before disabling pre-signed URL access, take into account that this is a global configuration, and you cannot override it at the product level. Aside from that, Task Mining and a series of activities do not support this configuration.
For more details, see External object store configuration.
You can now choose who provisions and manages the Istio component. While previously it was us that bundled Istio in Automation Suite, you can now bring the component yourself. If you choose the latter, you are responsible for ensuring the Istio component is supported. For details, see the Compatibility matrix.
uipathctl
installer. For configuration instructions, see Configuring input.json.
We now support custom taints and tolerations on the cluster nodes in Automation Suite on EKS/AKS. For configuration instructions, see Configuring input.json.
uipath-check
namespace. You must either allow the creation of the uipath-check
namespace or create it yourself before running the checks/tests. In addition to this, some checks/tests require that you
allow the communication between the uipath-check
and uipath
namespaces, or that you enable the use of hostNetwork
.
While our existing AAD integration offers automatic attribute mapping, this release introduces the ability for organizations to use custom attribute mappings.
We're launching with custom mapping support for the Business unit attribute which allows you to map attributes like organization divisions with the Business Unit field in the UiPath® platform. This mapping can enhance the contextual understanding of users in your organization and can help integrate user identities with services such as Automation Hub.
You can map the Business unit attribute based on Azure AD attributes or via SAML.
Audit log messages change
User <administrator_name> deallocated all licenses of
user(s) <user_names>
.
AI Units allocation
AI units can now also be allocated at the tenant level. This is done from the license allocation window corresponding to the desired tenant in the Admin section.
License allocation endpoints
Two new endpoints are available for allocating licenses from the API:
GET/api/account/{accountId}/user-license/group/{groupId}
- call this endpoint to retrieve a list of all available user licenses for creating or editing a group.
- You need View permission on License to use this endpoint.
PUT/api/account/{accountId}/user-license/group/{groupId}
- call this endpoint to allocate or update a group rule.
- You need Write permission on License to use this endpoint.
We're excited to announce the latest enhancement to our platform's access control capabilities — the introduction of a new user group: Citizen Developers. This new group is defined at the organization level and will be seamlessly integrated across all services within the platform.
With the Citizen Developers group, citizen developers can access resources pertinent to their work without any unnecessary access clutter, leading to reduced overhead for your administrators.
To learn more about how the user group is integrated into the various services within the platform, refer to the product documentation.
uipathtools
and contains a subset of uipathctl
capabilities specific to health commands. To make sure you have access to mitigation steps in a timely manner, we plan to
provide updates to uipathtools
at a higher cadence than our standard releases.
uipathctl
binaries for Windows and MacOS are now signed with the uipath.com
certificate, and no warning is shown when running them.
We have made significant improvements in the area of prerequisites and health checks. These enhancements are designed to make your experience smoother and more efficient. Here's what's new:
-
Improved Storage Class prerequisite: The StorageClass prerequisite, which previously took a considerable amount of time, has been significantly optimized. You will now experience faster execution, reducing setup time for your deployments.
-
Streamlined tests and checks: All tests and checks have been consolidated into the "uipath-check" namespace, providing a more organized and efficient testing environment.
-
Enhanced post-test handling: Following test execution, the namespace and pods may remain active for a brief period. This is done to ensure you have ample time to review logs in case of any failures, enabling more effective troubleshooting.
-
New Kube-API connectivity check: We have introduced a new check to verify kube-api connectivity from every node, enhancing the reliability of your environment. We have introduced a check that verifies continuous connectivity for 15 seconds by retrieving server version from the kube-api server from each node.
-
Improved capacity checks: Capacity checks have been optimized to provide a more accurate representation of your cluster's capacity by disregarding pending pods when calculating pod limits. This ensures that the reported capacity aligns with your actual operational resources.
-
Automation Express licenses were available for allocation in on-premises deployments, despite them being solely intended for cloud environments. The issue is now fixed.
-
Data Service units were not granted to organizations that had Action Center - Named User licenses. The issue is now fixed.
-
When you deleted an organization, its licenses were not released. Now, any licenses allocated to an organization go back to the license pool once the organization is deleted.
-
The
minLevel
NLog setting in the config map was not being honored. The defaultminLevel
is "Info" indicating that logs of "Info" severity and above should have been logged. However, theminLevel
was not being considered, and logs with lower severity levels, specifically "Trace" and "Debug," were also being written to the logs. -
Previously, there was an issue where well-known SIDs were inadvertently included when retrieving security groups, leading to unexpected behavior. Well-known SIDs are no longer included when fetching security groups, ensuring smoother and more predictable functionality.
-
After upgrading to version 2022.10.1 or later, logging into the host tenant, then logging out, and subsequently switching to a different tenant resulted in redirection back to the previous log-out location instead of the selected tenant. Now, after logging out and switching tenants, you will be correctly redirected to the selected tenant's page instead of the previous log-out location.
/dashboard
between the existing /dashboard
and /new
or /import
.
We recommend using Splunk and forwarding application logs there.
Occasionally, performing a restore operation in Automation Suite on AKS might cause Task Mining and Automation Suite Robots applications to go in degraded state with the following error:
Warning FailedAttachVolume 106s (x30 over 46m) attachdetach-controller AttachVolume.Attach failed for volume "pvc-358781ec-d9be-4b54-9099-4a44bdc59294" : rpc error: code = NotFound desc = Volume not found, failed with error: Retriable: false, RetryAfter: 0s, HTTPStatusCode: 403, RawError: {"error":{"code":"AuthorizationFailed","message":"The client '29683acd-8bb9-4041-a725-5afc5804535c' with object id '29683acd-8bb9-4041-a725-5afc5804535c' does not have authorization to perform action 'Microsoft.Compute/disks/read' over scope '/subscriptions/b65b0225-ce9b-4a79-9dd9-c00071d40d64/resourceGroups/MC_ci-asaks4489877_ci-asaks4489877_centralus/providers/Microsoft.Compute/disks/restore-755f25c3-ddf0-4d7f-b81c-5379ec6b4720' or the scope is invalid. If access was recently granted, please refresh your credentials."}}
Warning FailedAttachVolume 106s (x30 over 46m) attachdetach-controller AttachVolume.Attach failed for volume "pvc-358781ec-d9be-4b54-9099-4a44bdc59294" : rpc error: code = NotFound desc = Volume not found, failed with error: Retriable: false, RetryAfter: 0s, HTTPStatusCode: 403, RawError: {"error":{"code":"AuthorizationFailed","message":"The client '29683acd-8bb9-4041-a725-5afc5804535c' with object id '29683acd-8bb9-4041-a725-5afc5804535c' does not have authorization to perform action 'Microsoft.Compute/disks/read' over scope '/subscriptions/b65b0225-ce9b-4a79-9dd9-c00071d40d64/resourceGroups/MC_ci-asaks4489877_ci-asaks4489877_centralus/providers/Microsoft.Compute/disks/restore-755f25c3-ddf0-4d7f-b81c-5379ec6b4720' or the scope is invalid. If access was recently granted, please refresh your credentials."}}
To fix the issue, provide the mentioned client the necessary permissions to access your environment.
After a Disaster Recovery, Dapr is not restored properly, and the certificates needed by dapr to provide services for Process Mining and Task Mining are incorrect. The dapr, processmining, and taskmining applications appear to be healthy first, but will then go back to progressing state and the environment becomes unstable. When logging in to Process Mining or Task Mining, the application may not load, or return unexpected errors.
See Process Mining troubleshooting for a description of the steps you should take to resolve the issue.
In certain situations, the Out of the Box Packages installer can fail. If this happens, some ML Package versions will be missing in Document Understanding. To fix this, you can either trigger the ArgoCD sync, or wait until the ArgoCD sync triggers the installer automatically to reinstall the packages.
{
for PYODBC.
If you are using a proxy setup, you may run into issues when trying to launch Automation Hub and Apps.
See Automation Suite on EKS/AKS troubleshooting for a description of the steps you should take to resolve the issue.
When upgrading from 2023.4.3 to 2023.10, you run into issues with provisioning AI Center.
"exception":"sun.security.pkcs11.wrapper.PKCS11Exception: CKR_KEY_SIZE_RANGE
ai-trainer
deployment. To do this, run the following command:
kubectl -n uipath rollout restart deploy ai-trainer-deployment
kubectl -n uipath rollout restart deploy ai-trainer-deployment
We recommend that you regularly check the deprecation timeline for any updates regarding features that will be deprecated and removed.
To find out what has changed on each Automation Suite product, visit the following links.
If the product is greyed out, this new Automation Suite version does not bring any changes to it.
DISCOVER | BUILD | MANAGE | ENGAGE |
---|---|---|---|
AI Center 2023.10.0 | Action Center 2023.10.0 | ||
Task Mining 2023.10.0 | AI Computer Vision 2023.4.3 | Insights 2023.10.0 | Apps 2023.10.0 |
Document Understanding 2023.10.0 | Orchestrator 2023.10.0 | ||
Test Manager 2023.10.0 | |||
- Changes to license-related tenant limitations
- New UiPath.OrganizationMigrationApp version released
- What's new
- Migration from Automation Suite on Linux to Automation Suite on EKS/AKS
- Support for offline installations
- Support for enabling FIPS 140-2 on AKS nodes
- Enhanced features for external Docker registry
- Objectstore access without pre-signed URLs
- Bring your own Istio
- Custom namespace labels
- Custom taints and tolerations
- New requirements for running prerequisite and health checks/tests
- IMDSv2 support
- Custom attribute mapping for AAD
- Licensing news
- Introducing the Citizen Developers user group
- Improvements
- Improved troubleshooting experience
- uipathctl certification
- Prerequisites and health check enhancements
- Admin bug fixes
- Known issues
- Issues affecting Grafana dasboards
- Issues affecting log forwarding to government cloud storage
- Task Mining and Automation Suite Robots in degraded state after restore from a backup
- After Disaster Recovery Dapr is not working properly for Process Mining and Task Mining
- Document Understanding Out of the Box Packages versions missing
- Character not allowed when setting connection string for Document Understanding
- Unable to launch Automation Hub and Apps with proxy setup
- AI Center provisioning failure after upgrading to 2023.10
- Deprecation timeline
- Bundling details
- Product versions
- Internal third-party component versions