- Test Cloud 入门
- 管理 Test Cloud 组织
- 概述
- 使用 Test Cloud
Test Cloud 管理员指南
This section gives an introduction to managing Test Cloud Dedicated organizations in the UiPath® ecosystem. This overview covers the basic aspects of Test Cloud Dedicated organizations, such as their creation, operation, and various features.
For more detailed information on the platform capabilities of Test Cloud Dedicated, visit the Automation Cloud Dedicated Admin guide.
Test Cloud Dedicated is built to meet the security, privacy, and compliance requirements of large enterprises that manage sensitive data. The platform combines dedicated infrastructure, strong encryption, controlled connectivity, and certified security controls to help organizations operate securely and meet regulatory obligations.
UiPath voluntarily completes and maintains multiple industry recognized security certifications and attestations, and continuously validates its security posture through internal and external assessments. Test Cloud Dedicated is certified for ISO 27001, 27017, 27018, and 9001, and holds HITRUST certification, along with SOC 1, SOC 2, HIPAA, and C5 attestations. Additional security and operational details can be provided under NDA through your UiPath account team.
Core security capabilities
- Data residency control: Choose the Azure region where your Test Cloud Dedicated instance is deployed, supporting regional data residency and compliance requirements.
- Encryption by default: All data is encrypted at rest and in transit using AES 256 bit encryption and TLS 1.2 or higher. Encryption is enabled by default across platform data stores.
- Managed key protection: UiPath manages encryption keys using Azure Key Vault, with automatic key rotation enabled to ensure continuous protection.
- Certificate management: The platform uses trusted certificate authorities to secure communications and supports automated certificate rotation to maintain secure connectivity.
- Secure access and authentication: Supports enterprise authentication models including SSO with identity providers, role based access control, session policies, and IP based access restrictions.
- Audit and monitoring: Built-in audit logging captures user actions and system events to support monitoring, investigation, and compliance needs.
- Controlled connectivity: Enables secure communication between your environment and the dedicated platform, with support for private access models and defined network allow lists.
In Test Cloud Dedicated, an organization represents a fully isolated, single tenant environment where you manage all automation services, users, and resources. It is the highest level of structure in the UiPath platform and serves as the central control plane for configuration, security, and access management.
Each Test Cloud Dedicated deployment creates a dedicated organization that provides a unique operating space tailored to your company’s requirements. Organizations are identified by a unique URL, an organization name, and a support ID used for administrative and support interactions.
From the organization level, administrators manage authentication and security settings, users and roles, licensing, integrations with external applications, notifications, logging, and platform wide preferences. Organization settings apply across all services and tenants unless more granular controls are configured.
This organizational model ensures strong isolation, centralized governance, and consistent management across all Test Cloud Dedicated services.
Test Cloud Dedicated inherits the same authentication and security framework as Automation Suite, providing flexible, enterprise-grade controls for managing access, identity, and data protection.
身份验证选项
管理员可以在组织级别配置一个或多个身份验证方法,确保所有用户均可一致、安全地访问:
-
基本身份验证:允许用户使用本地帐户的用户名和密码登录。 可以对此方法进行限制,以便仅允许基于目录的身份验证(通过外部身份提供程序)。
-
Microsoft Entra ID 集成:支持使用 OpenID Connect 实现单点登录 (SSO),并与 Microsoft Entra ID 用户和组同步,从而在不中断服务的情况下逐步推出。
-
SAML 2.0 集成:与任何符合 SAML 2.0 要求的身份提供程序 (IdP) 提供安全的 SSO 和单点注销 (SLO),提高已连接应用程序的效率和用户体验。
密码和帐户保护
Test Cloud 支持可自定义的安全策略,有助于确保密码和帐户卫生:
-
密码复杂性:定义字符类型、最小长度、到期时间和重用限制的要求。
-
帐户锁定:在达到可配置的失败尝试次数后,通过自动锁定帐户来防止登录尝试反复失败。
-
首次登录时更改:可选择要求用户在首次访问时重置其密码。
加密和租户级安全性
为了确保数据隔离和合规性,每个租户都可以使用 Microsoft Azure 密钥保险库加密。 此设置允许每个租户的唯一加密密钥,并通过 Azure 服务进行安全管理。
管理控制
组织管理员可以从管理门户中的“管理员 > 安全设置”中配置所有身份验证和安全设置。主机级别的系统管理员定义全局策略,组织默认会继承这些策略,但可以在必要时覆盖这些策略。
有关更多信息,请参阅“身份验证和安全”部分。
In Test Cloud Dedicated, tenants let you organize and manage your testing environment within an organization. Each tenant acts as a secure container for services and resources, helping you model your business structure, for example, by department, region, or project, while keeping data, licenses, and configurations isolated.
租户结构和管理
-
每个组织都从设置期间自动创建的 DefaultTenant 开始。
-
系统管理员可以在“管理员”区域创建其他租户,为数据托管指定区域,并选择要在每个租户中启用的服务。
-
可以根据需要启用、禁用或删除租户。 禁用后,所有许可证将返回到组织池,数据将保留。
-
您可以从租户选取器轻松切换租户,以便处理每个环境的特定数据。
每个租户的服务
许可证和访问控制
管理员在租户级别分配许可证,决定要分配的用户和机器人许可证的数量。 租户可见性和访问权限取决于每项服务中的用户权限,确保用户只能访问与其角色相关的租户和服务。
使用标签组织资源
标签用于对租户和服务中的自动化和测试资源进行分类和识别。 您可以创建标签或键值对(属性),以便对相关项目(例如测试资产或环境)进行分组。 在平台级别创建的标签集中存储,并在 Orchestrator 和其他已连接的服务之间同步。
有关更多信息,请参阅“租户和服务”部分。
Test Cloud Dedicated provides centralized identity, access, and permission management through accounts, groups, and roles. This model enables organizations to control who can access the platform, which services they can use, and what actions they can perform, while maintaining strong isolation and governance.
The platform supports both user accounts and robot accounts. User accounts represent individual people and can be managed locally or integrated with an external identity provider such as Microsoft Entra ID. Robot accounts are non human identities designed for running unattended automations securely and independently of individual users.
Groups simplify administration by allowing roles, licenses, and configurations to be assigned once and inherited by all members. Groups can be created locally in the UiPath platform or synchronized from a connected directory, enabling centralized onboarding and consistent access control.
Roles define permissions at two levels:
-
Organization-level roles, which control access to platform wide administration and settings
-
Service-level roles, which govern actions within individual UiPath services and are managed directly in each service
Accounts inherit permissions through group membership, with support for both direct assignment and automatic provisioning from external identity providers. This approach provides flexible access control, reduces administrative effort, and supports enterprise scale security and compliance across Test Cloud Dedicated services.
AI Trust Layer 为所有 UiPath™ 产品的生成式 AI 功能提供了管理和严格的监管功能。AI Trust Layer 旨在确保每次交互中的数据机密性和安全性,可以将您的数据限制在 UiPath™ 环境中。有关更多信息,请访问关于 AI Trust Layer。
Test Cloud Dedicated supports secure integrations with external applications via OAuth 2.0 and Personal Access Tokens (PATs), enabling controlled API access without sharing user credentials.
OAuth 外部应用程序
-
机密(应用作用域):可以安全存储密码的无头或服务器应用程序。它们的行为方式为应用程序本身。
-
机密(用户作用域):代表用户执行操作的服务器应用程序。它们可以安全地存储密码。
-
非机密(用户作用域):客户端应用程序(无密码存储),用户使用短时令牌进行授权。
个人访问令牌 (PAT)
个人访问令牌是用户范围的令牌(仅适用于本地用户帐户),用于代替密码,以访问已定义的作用域和到期日期的 API。 组织管理员可以启用或禁用 PAT,设置最长生命周期,查看所有 PAT,单独撤销令牌,或者在令牌疑似暴露的情况下通过粘贴已知令牌将其立即撤销。
有关更多信息,请参阅“外部应用程序”部分。
Stay updated about your actions and their outcomes with notifications. Keep track of user or administrative actions within your organization account through both in-app, and email notifications. For more details on enabling and managing notifications, visit .
Logging is an important tool for various tasks like debugging issues, reporting trends, and enhancing security and performance. Test Cloud Dedicated, along with other cloud services, uses different types of logs based on their unique requirements. For a thorough walkthrough on the uses and management of logs, visit About logs.
