- Organization Modeling in Orchestrator
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Organizing Resources With Tags
- Orchestrator Read-only Replica
- Exporting grids in the background
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Storing Unattended Robot Credentials in AWS Secrets Manager (read Only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- Elastic Robot Orchestration
- Automation Cloud™ Robots - VM
- Automation Cloud™ Robots - Serverless
- Configuring VPN for Cloud Robots
- Bulk Uploading Queue Items Using a CSV File
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Review Requests
- Test Automation
Elastic Robot Orchestration
Elastic robot orchestration provides a way to automatically scale your unattended robots by allowing UiPath to scale and manage your robots for you, in the cloud. We manage them on your behalf, but they are still in your cloud, and you can choose how much of the robot orchestration process you want to delegate to us.
You can customize the auto-scaling strategy of robots through controls such as:
- setting a maximum number of machines you want to allow us to create
- choosing to optimize for speed, for cost, or choosing a balanced model
- scheduling different settings for certain periods when, by exception, you need more or less speed.
Supported Cloud Providers
You can use one of the following cloud service providers to host your virtual machines (VMs) in the cloud for elastic robot orchestration:
- Amazon Web Services (AWS)
- Google Cloud Platform (GCP)
- Microsoft Azure
Machine Provisioning Options
- Create a generalized virtual machine image that we use as a template to create machines on demand whenever a robot needs to run a job. You can set the limits for how many and when we create these machines and then leave it to us to get the job done.
- Add your custom virtual machines to use when robots are needed to run processes.
Here is a summary of the differences between the two options:
Manually Create Machines
Automatically Create Machines
Create and delete machines
you create and delete the machines yourself
we can automatically create new machines when needed for better performance and delete any machines not in use
limited to the number of machines provided
we create as many machines as needed to optimally handle the workload, within parameters you set
Virtual machine setup
set up multiple individual VMs
set up a single VM image
Install and set up UiPath Robot on each machine
Connect to Orchestrator
Start and stop VMs
customize the VMs you use (domain-joined, machine size, machine name, network options, and more)
VM image must be configured as recommended on this page for each type of cloud provider.
The setup process in Orchestrator is similar for both cloud service providers. The main differences are in how you set up each provider and create the virtual machines.
Here is an overview of the process when using Microsoft Azure as the cloud services provider and a generalized virtual machine:
All cloud robot VMs contain a hypervisor agent (
UiPath VM Agent), which ensures the running of VMs. You can find it in your CSP installation folder. Add this agent to your allow-list, so that your security agents do not remove or block it.
We advise against imposing restrictions on your cloud provider subscription that might block the deployment of specific resources, as these resources are crucial to the successful creation and functioning of virtual machines.
You need a Microsoft Azure subscription for hosting your cloud robots.
You must set up Azure and get the following details from your Azure administrator to connect Orchestrator:
- Client Id - the unique identifier for the client app registration
- Client Secret Key - the password for the app registration
- Subscription Id - the unique key for your organization's Azure subscription
- Directory (tenant) Id - the unique key for the tenant you use within the Azure subscription.
For instructions, see Setup in Azure below.
You need an Amazon Web Services (AWS) subscription with Amazon Elastic Compute Cloud (Amazon EC2) for hosting your cloud robots.
You must set up AWS and get an AWS access key from your AWS administrator, which consists of:
- Access Key ID - the unique identifier for the Orchestrator connection
- Secret Access Key - the password for this connection.
These are long-term credentials and, like a username and password, Orchestrator needs to use the access key ID and secret access key together to authenticate requests it makes to the AWS API.
For instructions, see Setup in AWS below.
You need a Google Cloud Platform (GCP) subscription which includes Compute Engine for hosting your cloud robots.
You must set up a GCP project and get the following details from your GCP administrator to connect Orchestrator:
- Client Id - the unique identifier for your GCP project
- Private Key - the key for the GCP service account used for the integration.
For instructions, sSee Setup in GCP below.
Cloud Provider Setup
Setup in Azure
If your cloud service provider is Microsoft Azure, follow the instructions in this section to prepare to connect Orchestrator to Azure.
- Sign in to Azure with an administrator account.
- Navigate to App registrations and create an app registration for your Orchestrator instance.
- Copy the Application (Client) ID and Directory (Tenant) ID and save them for later use.
- Navigate to Certificates & secrets and create a client secret.
- Copy the Value of the client secret and save it for later use.
- Navigate to Resource groups and create a resource group for your Orchestrator.
- Copy the Subscription ID and save it for later use.If you already have a resource group that you want to use, open the overview for that resource group to get the Subscription ID.
- Navigate to Access Control (IAM), search for the name you gave to your Orchestrator app registration, and assign the Contributor role to it.
Setup in Azure: Preparing a Virtual Machine Image
Robots need a machine on which to run. As part of elastic robot orchestration, we can use your cloud-hosted virtual machine (VM) to create machines on demand for robots to run when needed.
When creating a virtual machine in Azure, Microsoft provides a set of images to build your virtual machines. They are images of different operating systems, such as Windows Server or Windows 10 Pro, that allow you to install the software you need to run automation jobs.
To capture a virtual machine image:
- Create a virtual machine in your Azure account and connect to it:
- Create the local user and install the needed automation software:Important: Do not join the virtual machine to a domain.
Important: If you have installed the robot (optional), make sure you do not connect it to Orchestrator, otherwise you won't be able to use the Virtual Machine image.
- Update Windows and reboot if necessary.
- Create a local user for the unattended robot (for example,
uirobot). Assign the Administrator role to the local user, clear User must change password at next login, and select Password never expires.
- Grant remote access permissions on the virtual machine to the local user.
- Log out from the administrator account and log in as the local user.
- Install any supporting software you need for automations, such as Microsoft Excel or Google Chrome. You do not need to install UiPath software, we do that for you.
- Log out from the robot account and log in as an administrator.
- Create a generalized Virtual Machine image:Use the Sysprep tool to generalize the virtual machine.Note:
sysprep.exedisconnects your session halfway through.
- After the status of the virtual machine changes to Stopped, create a managed image of your virtual machine.Note: Select the same resource group as for the virtual machine. Also, select No, capture only a managed image.
You now have a fully configured image that you can use to create new virtual machines for automation.
Setup in AWS
If you cloud services provider is Amazon Web Services (AWS), follow the instructions in this section to configure Amazon Elastic Compute Cloud (Amazon EC2) for elastic robot orchestration.
AWS best practices
Choosing the right AWS region: Ensure Amazon Virtual Private Cloud (Amazon VPC) is located in an appropriate region. We recommend you always pick the AWS region that is closest to the region where your Orchestrator instance is hosted when creating an elastic robot pool. Consider both latency and data transfer costs between Orchestrator, Robots, and the customer application when determining the location of the VPC. Contact the UiPath support team for details on how to allocate all your assets close to each other. Learn more about regions and instances in the Getting Started guide.
Capacity and cost optimization: Ensure Amazon Elastic Compute Cloud (Amazon EC2) resources are sized appropriately according to the deployment, customer requirements, and UiPath best practices. Amazon EC2 passes on to you the financial benefits of Amazon’s scale. See Amazon EC2 Instance Purchasing Options for a more detailed description of Amazon EC2 pricing. UiPath allows you to use your existing machines to take advantage of your optimized EC2 size configuration. We recommend downsizing or terminating idle or underutilized Amazon EC2 instances to optimize costs.
Calculate the costs: You can use the AWS pricing calculator to get an estimate of Total Cost of Ownership (TCO) for UiPath infrastructure deployed on AWS, by using the AWS label
UiPath:Managed: true. The cost displayed in the calculator is for the infrastructure only. To get a more accurate TCO value, also consider the
cost of UiPath licenses.
Setup in AWS: Generate an AWS Access Key
- Log in to the Amazon EC2 console as a user who has the following permissions:
Read / List
- Follow the Amazon documentation to create an access key.
- Save the access key ID and secret access key for later use.
Setup in AWS: Create an AWS EC2 Image
- Log in to the Amazon EC2 console.
- Follow the Amazon documentation to create an AWS EC2 instance and perform the following as part of the process:
- For the AMI, choose a Windows 10 or a Windows Server image. If one does not exist, you must create it.
- While connected over RDP, install any Windows updates and reboot if necessary.
- After rebooting, install any supporting applications you need for automations, such as Microsoft Excel or Google Chrome. You do not need to install UiPath software, we do that for you.
- Delete the folder C:\Windows\Panther.
- Create a Windows local user for the robot, for example,
robotand grant remote desktop rights to it.
- Press Ctrl + Alt + Delete and change the password for the robot user.
- Open the Ec2 Launch Settings and click Shutdown with Sysprep along the bottom.
Sysprep is a Microsoft tool and you use it to create a generalized machine image for EC2.
- After Sysprep finishes, in the Amazon EC2 console, wait for the instance to shut down, then right-click and go to Image and templates > Create image:
You can see the new image in the Amazon EC2 console, on the left under Images > AMIs. You now have a fully configured image that you can use to create new virtual machines for automation.
Setup in GCP
If your cloud service provider is Google Cloud Platform (GCP), follow the instructions in this section to prepare to connect Orchestrator to GCP.
Setup in GCP: Creating Virtual Machines
If you want to use elastic robot orchestration and have us create machines for you on demand, you must create custom machine images in your GCP project.
The following instructions are a sample configuration for creating an image from a persistent disk, which is created from an existing Windows VM you have under your project.
- Log in to the Google Cloud Console.
- Click Compute Engine, and then under Virtual machines click VM instances.
- Click Create Instance at the top of the page.
- Fill in the details as follows:
- For Name,Region, and Zone, you can specify whatever you want.
- For Machine configuration, you can leave the default values.
- Under Boot disk, click Change and then click Public Images.
- For Operating system, select Windows.
- Under Version select any of the Windows Server 2019 options.
- You can accept the defaults for Boot disk type and Size (GB), or you can modify them according to your needs.
- Click Create.
- After boot disk is ready, you can click Create and GCP creates the virtual machine (VM) for you.
- To be able to use a custom image created from the VM, stop the VM you just created.
- At the side of the page, go to Storage and click Images.
- At the top of the page, click Create Image.
- Continue with these instructions to create a Windows image.
Setup in Orchestrator
Now that your cloud service provider is set up, you can proceed to connect Orchestrator to it and set up the elastic robots.
Configuring the Cloud Provider Connection
- Go to Tenant > Settings.
- On the tenant's Settings page, select the Cloud Connections tab.
- Click the Add Cloud Provider Subscription icon and select your provider:
- Type a name for the connection on the left.
- Add the cloud connection details applicable for the selected cloud provider, as specified above in the Requirements section:
- Click Save.
Your provider validates the information and then connects your Orchestrator.
Creating an Elastic Robot Pool
To connect elastic robots to Orchestrator in the cloud, you need to provision a machine template of the type Elastic robot pool. This machine template is used when UiPath manages the robots and they run in your cloud.
When creating the elastic robot pool, you have two options:
- You can allow us to automatically create machines when they're needed based on your generalized cloud VM. This automates the provisioning process for both machines and robots. Whenever a process needs to run, the required number of machines are created. In addition, when the elastic robot pool is first used, we install the required UiPath software to run the robot on the new machines.
- (AWS or Azure only) You can add specific VMs that you want us to use for elastic robot orchestration. This is a limited version of elastic robot orchestration where we can start and stop the VM as needed to run processes and install the required UiPath software to run the robot, but we only use the specified machines. We cannot create new machines for you, nor can we remove machines that you created.
To create the elastic robot pool:
- Select Tenant in the top left and then go to Machines.
- Click Add machine in the top right of the page and select Elastic Robot Pool:
The Add Elastic Robot Pool page opens on the General Details tab.
- Enter a name and, optionally, add a description for the elastic robot pool.
- In the Runtime details section, enter the number of Production (Unattended), NonProduction, or Testing runtimes (robot licenses) needed for each machine that is created based on this template.
We recommend selecting 1 (one) runtime for Unattended and 0 (zero) for NonProduction and Testing.
If you are running Test Sets, set one (1) runtime for test execution slots.
- Click Next to configure VM & runtime details.
- On the right, under Profile Scheduling, select the default profile, which controls how you want us to prioritize machine allocation:
- Cost Efficient: minimize the CSP costs of running VMs at the expense of increased wait time for pending jobs needing to be scheduled
- Balanced: balance between CSP costs with running VMs and speeding up job scheduling
Fast: minimize the scheduling wait time of pending jobs at the expense of increased costs with running VMs.Note: For each of the options above, we determine when it's time to allocate or deallocate a machine by considering several details, including the number of VMs that are running, the amount of time to wait for a machine to become available, the number of job items queued for a machine, and the cooldown time.
Advanced: manually set parameters to control how quickly new machines are allocated when needed:Important: Using the Advanced profile can incur additional CSP costs since it can keep machines running longer, depending on the settings you use.
- To configure an Advanced profile:
- Select the Advanced option as the default profile. The advanced setup expands.
- Configure the Allocation Speed, which determines how fast the machines are allocated to your pool.
- In the Standby Machines field, enter the minimum number of machines to accept workloads.
- In the Idle Machine Timeout, enter the number of minutes the machine can remain in an idle state, meaning it does not process any workloads and it is not used as a standby machine. After this time, the machine is shut down. Automatically created machines are removed from the pool.
- In the Machine Details section, from the Cloud Connection list, select the cloud service provider connection you previously created in Orchestrator.
- For Azure, select the Resource Group used for the connection.
For AWS, select the Region.
For GCP, select the Zone.
- If you want us to use your VM template to automatically provision machines and robots on demand, keep the Automatically Create Machines toggle switched on.
To use your custom VMs, switch the toggle off.Note:
For GCP, this option is not available.
- From the Machine Image or Machine(s) list, select the VM template or the custom VMs you created for elastic robot orchestration, respectively.
Note: Adding a machine template for Azure images may take up to 15 minutes.
- If you have switched off Automatically Create Machines, we only use the selected machines for elastic robot orchestration. When choosing this option, make sure that the machines
you select are not used in any other elastic robot pool. In addition, for VMs hosted in AWS, the AWS EC2 Instance must have
AmazonSSMManagedInstanceCoreinstance profile attached. For instructions, see the AWS documentation.
- If Automatically Create Machines is switched on, we use the selected template to create the required number of machines when needed.
- If you have switched off Automatically Create Machines, we only use the selected machines for elastic robot orchestration. When choosing this option, make sure that the machines you select are not used in any other elastic robot pool. In addition, for VMs hosted in AWS, the AWS EC2 Instance must have the
- If you have switched off Automatically Create Machines, click Finish in the bottom-right and skip the remaining steps.
- For Maximum no. of Machines, select one of the following options:
- Use the max available: when you want to allow the pool to scale up to the maximum available licenses for the tenant. Your cloud provider subscription plan may limit the maximum value.
- Specify a limit: if you want to limit the maximum number of machines, select this option and type in the maximum number of machines we can create.
- Click Advanced Settings to show additional options.
- From the Machine Size list, select one of the available options:
- Small: dual-core processor, 8 GB RAM;
- Medium: quad-core processor, 16 GB RAM;
Large: 8-core processor, 32 GB RAM.Note: The size of the machine depends on your cloud subscription. A small-sized machine is typically sufficient for day-to-day automations.
- From the Virtual Network list, you can select Automatic to allow your machine template to provision its own virtual network, or select the virtual network used for your cloud provider
to use that virtual network and subnet, if defined.
- Click Next for Pool configurations.
(Optional) To set a delayed update of UiPath software on your machines, switch
on the Software update settings toggle. The following options are
Instant auto-update (recommended)
This is the default and recommended option. UiPath software on your machines, such as UiPath Robot, Studio, or Assistant, is updated to the latest Enterprise version within two weeks.
The update applies to all machines in the pool.
Select this option to update UiPath software on your machines to the version preceding the latest one.
A delayed auto-update depends on the software version present at the time of adding a machine in the pool. For example, if a machine was added when version 2023.4 was latest, the delayed auto-update installs the 2022.10 software version. After 2023.10 is released, the delayed auto-update installs the 2023.4 sofware version.
The update applies to all machines in the pool.Note:
This option is designed to create a buffer period for adjusting your automations before transitioning to the latest Enterprise version. It does not update UiPath software to the latest version, but to the one preceding it.Important:
The Delayed auto-update option does not downgrade Robot versions newer than the suggested one.Warning:
Versions with security fixes are automatically installed, regardless of the chosen software update option.
- Click Finish.
Your elastic robot pool is now set up and ready to be used in a modern folder to run jobs.
Do not interfere with the cloud resources (VMs, images) once you add them to an elastic robot pool.
do not power cycle the VM manually,
do not delete the VM from the CSP while it is still in the pool, or
do not connect or disconnect the Robot to/from Orchestrator.
Configuring the Modern Folder and Account Roles
You need to add the elastic robot pool to a modern folder and grant automation permissions for the folder to the account that uses the virtual machine.
- Select a modern folder on the left and go to Settings> Machines.
- In the top right of the page, click Manage Machines in Folder.
- Select the elastic robot pool and click Update.
- Switch to the Manage Access page to see the available accounts.
- If the account you want to be running the automations, which should be the local user of the virtual machine, is not listed,
add it and give it the Robot role.Note: We recommend using a robot account, which is a type of account dedicated for running unattended automations.
- At the right of the account row, click the More Actions icon and select Edit. Make the following changes:
- For Robot Setup > Attended Robot, switch the toggle off. (Not applicable for robot accounts.)
- For Robot Setup > Unattended Robot, switch the toggle on. (Already enabled for robot accounts.)
- Select the Run foreground automations (Credentials required) checkbox. In the Domain\Username field, type
.\uirobot). In the Passwordfield, type the account password.
- For Robot Settings, switch the toggle on for Login to console and select No to prevent the robot from timing out.
Your modern folder is now set up and the account is configured.
Now that setup in Orchestrator is also complete, you can start running automations in the cloud.
Test Running an Automation in the Cloud
Test the elastic robot orchestration setup by running your first automation in the cloud.
Creating the first virtual machine can take some time - from 10 minutes to several hours (observed only in Azure). A virtual machine must be available to run a job before you can test-run an automation.
The machines of the Elastic Robot Pool show up in the Machine dropdown when you create an automation. The runtime is the one set at Elastic Robot Pool creation.
Live streaming and remote control
While a job is in progress, you can access the live stream of the robot running the automation. If troubleshooting or debugging is needed, you can take control of the execution using your own mouse and keyboard, without pausing the automation.
The live streaming and remote control features are available for Automation Cloud Robots (both Serverless and VM), Elastic Robots, and Windows Robots version 2023.4+.
To enable live streaming and remote control, see Enabling the features.
You can monitor elastic robot orchestration to check for errors on the following pages:
- You can see pending jobs that are waiting for an available machine on the Jobs page. If jobs are pending longer than expected, check your cloud service provider setup to make sure everything is configured properly.
- In Azure, AWS, or GCP, you can see the virtual machines being created. You can also see the created virtual machines in Orchestrator, on the Monitoring page of the modern folder. When one becomes available, it is already connected to Orchestrator, so it runs the next pending job. If virtual machines are not being created, check the configuration of your machine template in your cloud service provider and the elastic robot pool in Orchestrator.
- On the Alerts page in Orchestrator, you can set the State filter to All to see details about the Cloud Robots component and see as new robots are created or any errors. To see alerts, you need to have the Alerts - View and Machines - View permissions from a role that is directly assigned to your account (not inherited from groups), and to be added to the folders where elastic robot orchestration is used.
Machine Pool Setup
With Automatically Create Machines switched off, if you find the machines you selected during setup are not shown when later editing the elastic robot pool, this may be caused by some machines being currently or previously allocated in your other elastic robot pools. You can use the same machine in only one elastic robot pool at a time.
To recover from this problem:
- Go to the Alerts page to find the message for machine import.
- Check the message to see if any machines got skipped. If so, continue with this process. Otherwise, check the configuration of the VM in your cloud service provider.
- Remove the machine from any other pools.
- Wait for the current task running on the machine to get terminated, usually less than 1 minute.
- Add the machine in the elastic robot pool.
Machine Provisioning Failed (AWS Only)
If you are using AWS and machine provisioning failed with the error Machine provisioning failed and the details include
status CREATE_FAILED for stack <name>, you can track stack events to determine the cause.
Errors can occur during CloudFormation stack creation, most frequently due to AWS permissions or quota.
To recover from this problem:
- Log in to the CloudFormation portal at https://console.aws.amazon.com/cloudformation/.
- Select Stacks.
- Select the stack indicated in the error details. It shows the CREATE_FAILED message:
- Check the Status reason column for information about the cause of the error.
- Resolve the cause.
- In Orchestrator, go to Tenant > Machines and edit the elastic robot pool to force creating a new version of the pool. For example, change the Size value, save, then edit it again to change back to the original value, and save.
The CloudFormation stack cannot resume or retry by itself once it has failed. Making changes to the elastic robot pool triggers the process to start again.
Frequently Asked Questions
Will the machine images that I created be automatically updated with the latest Windows version and updates?
No. If you want to have the latest Windows version and updates, you need to rebuild your image in the cloud services provider (CSP).
When are UiPath Robot updates applied?
We take care to update your VMs to use the latest version of UiPath Robot within approximately 2 weeks of a new version becoming available.
The update happens:
- when a machine needing an update first starts
- before a machine that was running jobs shuts down
- for machines that are in constant use and are not able to receive the update for 2 weeks since the update was available, we schedule a short maintenance window on the machine to apply the update.
- Supported Cloud Providers
- Machine Provisioning Options
- Sample Configuration
- Azure Requirements
- AWS Requirements
- GCP Requirements
- Cloud Provider Setup
- Setup in Azure
- Setup in Azure: Preparing a Virtual Machine Image
- Setup in AWS
- Setup in AWS: Generate an AWS Access Key
- Setup in AWS: Create an AWS EC2 Image
- Setup in GCP
- Setup in GCP: Creating Virtual Machines
- Setup in Orchestrator
- Configuring the Cloud Provider Connection
- Creating an Elastic Robot Pool
- Configuring the Modern Folder and Account Roles
- Test Running an Automation in the Cloud
- Live streaming and remote control
- Machine Pool Setup
- Machine Provisioning Failed (AWS Only)
- Frequently Asked Questions
- Will the machine images that I created be automatically updated with the latest Windows version and updates?
- When are UiPath Robot updates applied?