UiPath Orchestrator

The UiPath Orchestrator Guide

AWS Deployment

Important!

This deployment plan is intended as a guiding example, to be used and customized according to the specific needs and practices of your company (e.g. removing public IPs, changing security groups, etc.).
Previous knowledge and experience working with AWS is highly recommended before undertaking this deployment.

Prerequisites

Before proceeding with your AWS deployment, make sure you have reviewed and complied with the following requirements:

Note:

Alternatively, you can copy only the needed scripts from the Terraform folders by viewing the Raw contents.

Installation

Single-Node Orchestrator Deployment

  1. Complete the variables.tf file with the necessary parameters:
| Parameter | Description |
| --- | --- |
| aws_region | The region where Orchestrator is being deployed. By default this is set to eu-west-2 but can be edited. See here for the supported Availability Zones. |
| access_key | The AWS access key. |
| secret_key | The secret/password for the associated access_key. |
| key_name | The name of the SSH keypair to use. |
| aws_app_instance_type | The AWS instance type used for Orchestrator. By default this is set to m4.large. |
| environment | The desired name of your environment. This is used as a prefix to tag the name of resources. |
| application | The application stack name, used as a prefix to tag the name of resources. By default, this is set to OrchestratorStack but can be edited. |
| db_username | The master username for your AWS Relational Database Service (RDS). |
| db_password | The password for the master username of your RDS. |
| db_name | The RDS database name. |
| environment | The RDS environment name, used as a prefix to name resources. |
| rds_allocated_storage | The allocated storage in GB. |
| rds_instance_class | The RDS instance type. By default this is set to db.m4.large. |
| rds_multi_az | Used to specify if the RDS instance is multi-Availability Zone. Set to false by default. |
| skip_final_snapshot | Used to specify if a final database snapshot is created before the DB instance is deleted. Set to true by default. |
| aws_availability_zones | The Availability Zones for each region. |
| orchestrator_password | The password for the Orchestrator admin user for the Host and Default tenants. |
| orchestrator_version | The version of Orchestrator. Set to 19.4.4 by default. |
| admin_password | The password for the Windows administrator account used to log in to the provisioned VMs. |
| orchestrator_passphrase | Orchestrator passphrase used to generate NuGet API keys, App encryption keys, and Machine keys. |
| orchestrator_license | The license code for your Orchestrator instance. |

  2. From the CLI, change to the directory of your Orchestrator plan. For example: cd C:\terraform.
  3. Run terraform init.
  4. Run terraform plan. Review the resources to be deployed and type terraform apply -auto-approve to deploy the resources.
    Note: You can run the command without -auto-approve and it will show all resources which will be deployed, but not begin until you type Yes to confirm.
  5. The deployment begins and should be completed in approximately 30 minutes, generating the following output:
| Name | Description |
| --- | --- |
| public_ip | The public IP address assigned to your Orchestrator instance. |
| mssql_id | The ID of the MSSQL database instance. |
| mssql_address | The address of the MSSQL database instance. |
| public_dns | The public DNS name assigned to the Orchestrator instance. |

Multi-Node Orchestrator Deployment

  1. Complete the variables.tf file with the necessary parameters:
| Parameter | Description |
| --- | --- |
| aws_region | The region where Orchestrator is being deployed. By default this is set to eu-west-2 but can be edited. See here for the supported Availability Zones. |
| access_key | The AWS access key. |
| secret_key | The secret/password for the associated access_key. |
| key_name | The name of the SSH keypair to use. |
| aws_app_instance_type | The AWS instance type used for Orchestrator. By default this is set to m4.large. |
| admin_password | The password for the Windows administrator account used to log in to the provisioned VMs. |
| orchestrator_password | The password for the Orchestrator admin user for the Host and Default tenants. |
| orchestrator_passphrase | Orchestrator passphrase used to generate NuGet API keys, App encryption keys, and Machine keys. |
| orchestrator_license | The license code for your Orchestrator instance. |
| orchestrator_versions | The version of Orchestrator. Set to 19.10.15 by default. |
| haa-user | The email address of the High-Availability Addon admin user. |
| haa-password | The password of the HAA admin user. |
| haa-license | The license key for your HAA instance. |
| newSQL | Used to configure whether or not a new RDS database instance is created. The available values are: No (the default value; no new database is created) and Yes (a new RDS database instance is created). |
| db_username | The master username for your AWS Relational Database Service (RDS), or username for an existing database. |
| db_password | The password for the master username of your RDS, or password for the existing database user. |
| db_name | The name of your RDS database. If newSQL is set to Yes, the name of the existing database to be used. |
| sql_srv | The FQDN of your existing SQL Server, if any. |
| rds_allocated_storage | The allocated storage in GB. |
| rds_instance_class | The RDS instance type. By default this is set to db.m4.large. |
| rds_multi_az | Used to specify if the RDS instance is multi-Availability Zone. Set to false by default. |
| skip_final_snapshot | Used to specify if a final database snapshot is created before the DB instance is deleted. Set to true by default. |
| aws_availability_zones | The Availability Zones for each region. |
| environment | The RDS environment name, used as a prefix to name resources. |
| application | The application stack name, used as a prefix to tag the name of resources. Set to UiPath_Stack by default. |
| role | Used as a suffix for the newly created IAM Role of the Storage gateway. |
| s3BucketName | Creates a new S3 bucket with the specified name. |
| instance_count | The desired number of Orchestrator instances in the Auto Scaling Group. Set to 1 by default, can be modified at any time as detailed here. |
| domain | Your registered domain in Route 53 to be used to host the project. |
| subdomain | The new subdomain to be used for the Application Load Balancer, created automatically by Terraform. |
| certificate_arn | The ARN of your registered certificate. Must be specified as wildcard type. |
| associate_public_ip_address | Used to configure if a public IP address is associated to the EC2 Orchestrator instances. Set to false by default. |
| cidr_block | The CIDR block of your Amazon Virtual Private Cloud. |
| security_cidr_block | The CIDR block of your Security Group. Note: Only ports 80 and 443 need to have internet access if you want to access your Orchestrator instance from the internet. |

  2. In the locals-availability-zones.tf file, set the region(s) where you want to deploy your solution. For example:
locals {
  aws_region = "${var.aws_availability_zones["eu-west-2"]}"
}

Note:

Multi-Availability Zone (AZ) resources are deployed in the available AZs specified in the map-type variable aws_availability_zones. Modify it according to how many AZs you want to use. To get the AZs for the specified region, see Available Regions.

  3. From the CLI, change to the directory of your Orchestrator plan. For example: cd C:\terraform.
  4. Run terraform init.
  5. Run terraform plan. Review the resources to be deployed and type terraform apply -auto-approve to deploy the resources.
    Note: You can run the command without -auto-approve and it will show all resources which will be deployed, but not begin until you type Yes to confirm.
  6. The deployment begins and should be completed in approximately 30 minutes, generating the following output:
| Name | Description |
| --- | --- |
| bastion_public_ip | The public IP of the Bastion Host. |
| lb_dns_name | The FQDN of your load balancer. |
| haa_master_ip | The private IP of your HAA master node. |
| haa_slave_ip | The private IP of your HAA slave nodes. |
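
A pre-apply check for the variables.tf described above, as an added example that is not part of UiPath's Terraform plan: it flags credential variables that carry a default value, plus the public IP, security group and snapshot settings from the parameter tables. The regex parsing of flat variable blocks, the function names and the sample file are assumptions made for illustration.

```python
import ipaddress
import re

# Credential variables named in the guide's parameter tables.
SECRET_VARS = {"access_key", "secret_key", "db_password", "admin_password",
               "orchestrator_password", "orchestrator_passphrase", "haa-password"}
# Simplification: flat variable blocks whose closing brace sits at column 0.
VAR_BLOCK = re.compile(r'variable\s+"([^"]+)"\s*\{(.*?)\n\}', re.S)
DEFAULT = re.compile(r'^\s*default\s*=\s*"?([^"\n]*)"?\s*$', re.M)
BOOL_RISKS = {"associate_public_ip_address": "instances receive public IPs",
              "skip_final_snapshot": "no final RDS snapshot on deletion"}

def parse_defaults(tf_text):
    """Map each variable name to its default value (None when it has none)."""
    found = ((n, DEFAULT.search(body)) for n, body in VAR_BLOCK.findall(tf_text))
    return {n: m.group(1).strip() if m else None for n, m in found}

def audit(tf_text):
    """Return (variable, reason) pairs to resolve before terraform apply."""
    d = parse_defaults(tf_text)
    findings = [(n, "secret stored as a default; supply it at run time")
                for n in sorted(SECRET_VARS & d.keys()) if d[n]]
    for name, reason in BOOL_RISKS.items():
        if (d.get(name) or "").lower() == "true":
            findings.append((name, reason))
    cidr = d.get("security_cidr_block")
    try:
        if cidr and ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            findings.append(("security_cidr_block", "open to every address"))
    except ValueError:
        findings.append(("security_cidr_block", "not a valid CIDR block"))
    return findings

# Constructed sample input, not taken from the UiPath plan.
SAMPLE = '''
variable "secret_key" {
  default = "EXAMPLE-NOT-A-REAL-KEY"
}
variable "associate_public_ip_address" {
  default = "true"
}
variable "security_cidr_block" {
  default = "0.0.0.0/0"
}
'''

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Variables left without a default are prompted for by terraform plan, or can be supplied through TF_VAR_<name> environment variables, which keeps the values out of the file.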
