automation-suite
2022.10
false
- Overview
- Requirements
- Installation
- Q&A: Deployment templates
- Downloading the installation packages
- Install-uipath.sh Parameters
- Enabling Redis High Availability Add-On for the cluster
- Document Understanding configuration file
- Adding a dedicated agent node with GPU support
- Connecting Task Mining application
- Adding a dedicated agent Node for Task Mining
- Adding a Dedicated Agent Node for Automation Suite Robots
- Post-installation
- Cluster administration
- Monitoring and alerting
- Migration and upgrade
- Migration options
- Step 1: Moving the Identity organization data from standalone to Automation Suite
- Step 2: Restoring the standalone product database
- Step 3: Backing up the platform database in Automation Suite
- Step 4: Merging organizations in Automation Suite
- Step 5: Updating the migrated product connection strings
- Step 6: Migrating standalone Insights
- Step 7: Deleting the default tenant
- Performing a single tenant migration
- Product-specific configuration
- Best practices and maintenance
- Troubleshooting
- How to troubleshoot services during installation
- How to uninstall the cluster
- How to clean up offline artifacts to improve disk space
- How to clear Redis data
- How to enable Istio logging
- How to manually clean up logs
- How to clean up old logs stored in the sf-logs bucket
- How to disable streaming logs for AI Center
- How to debug failed Automation Suite installations
- How to delete images from the old installer after upgrade
- How to automatically clean up Longhorn snapshots
- How to disable TX checksum offloading
- How to address weak ciphers in TLS 1.2
- Unable to run an offline installation on RHEL 8.4 OS
- Error in Downloading the Bundle
- Offline installation fails because of missing binary
- Certificate issue in offline installation
- First installation fails during Longhorn setup
- SQL connection string validation error
- Prerequisite check for selinux iscsid module fails
- Azure disk not marked as SSD
- Failure after certificate update
- Antivirus causes installation issues
- Automation Suite not working after OS upgrade
- Automation Suite requires backlog_wait_time to be set to 0
- Volume unable to mount due to not being ready for workloads
- Unable to launch Automation Hub and Apps with proxy setup
- Failure to upload or download data in objectstore
- PVC resize does not heal Ceph
- Failure to resize PVC
- Failure to resize objectstore PVC
- Rook Ceph or Looker pod stuck in Init state
- StatefulSet volume attachment error
- Failure to create persistent volumes
- Storage reclamation patch
- Backup failed due to TooManySnapshots error
- All Longhorn replicas are faulted
- Setting a timeout interval for the management portals
- Update the underlying directory connections
- Authentication not working after migration
- Kinit: Cannot find KDC for realm <AD Domain> while getting initial credentials
- Kinit: Keytab contains no suitable keys for *** while getting initial credentials
- GSSAPI operation failed due to invalid status code
- Alarm received for failed Kerberos-tgt-update job
- SSPI provider: Server not found in Kerberos database
- Login failed for AD user due to disabled account
- ArgoCD login failed
- Failure to get the sandbox image
- Pods not showing in ArgoCD UI
- Redis probe failure
- RKE2 server fails to start
- Secret not found in UiPath namespace
- ArgoCD goes into progressing state after first installation
- Unexpected inconsistency; run fsck manually
- MongoDB pods in CrashLoopBackOff or pending PVC provisioning after deletion
- MongoDB Pod Fails to Upgrade From 4.4.4-ent to 5.0.7-ent
- Unhealthy services after cluster restore or rollback
- Pods stuck in Init:0/X
- Prometheus in CrashloopBackoff state with out-of-memory (OOM) error
- Missing Ceph-rook metrics from monitoring dashboards
- Pods cannot communicate with FQDN in a proxy environment
- Using the Automation Suite Diagnostics Tool
- Using the Automation Suite support bundle
- Exploring Logs
Automation Suite installation guide
Last updated Nov 6, 2025
Automation Suite supports the following external objectstores:
- Azure Storage (Azure Blob Storage)
- AWS S3
- S3 compatible objectstore.
Note:
- Only some S3-compatible objectstores are compatible with Automation Suite. Many storage providers do not fully support the S3 storage APIs required by the products installed on Automation Suite.
- When using Premium performance tier in Azure Blob Storage, you must select Block blobs. File shares and Page blobs are not supported. Using unsupported blob types may cause the prerequisites check to fail.
- For Automation Suite to function properly when using pre-signed URLs, you must make sure that your external objectstore is accessible from the Automation Suite cluster, browsers, and all your machines, including workstations and robot machines.
- When configuring the external object storage, you must follow the naming rules and conventions from your provider for both
bucket_name_prefixandbucket_name_suffix. In addition to that, the suffix and prefix must have a combined length of no more than 25 characters, and you must not end the prefix or start the suffix with a hyphen (-) as we already add the character for you automatically. -
The Server Side Encryption with Key Management Service (SSE-KMS) can only be enabled on the Automation Suite buckets deployed in any region created after January 30, 2014.
SSE-KMS functionality requires pure SignV4 APIs. Regions created before January 30, 2014 do not use pure SignV4 APIs due to backward compatibility with SignV2. Therefore, SSE-KMS is only functional in regions that use SignV4 for communication. To find out when the various regions were provisioned, refer to the AWS documentation.
Your S3-compatible objectstore must have the following APIs for the products you plan to install on Automation Suite:
| UiPath naming | AWS naming |
Platform |
Orchestrator |
AI Center |
Apps |
Document Understanding |
Test Manager |
Data Service |
Process Mining |
Task Mining |
|
| GetObject | |||||||||
|
| HeadObject |
N/A |
N/A | |||||||
|
| PutObject | |||||||||
|
| DeleteObject | |||||||||
|
| CreateMultipartUpload |
N/A |
N/A |
N/A | ||||||
|
| UploadPart |
N/A |
N/A |
N/A | ||||||
|
| UploadPartCopy |
N/A |
N/A |
N/A |
N/A |
N/A | ||||
|
| CompleteMultipartUpload |
N/A |
N/A |
N/A | ||||||
PRESIGNED_URL | GeneratePresignedUrl (SDK)
|
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A | |
|
| ListObjectsV2 | |||||||||
|
| ListMultipartUploads |
N/A |
N/A |
N/A |
N/A | |||||
|
| DeleteMultipleObjects |
N/A |
N/A |
N/A |
N/A |
N/A | ||||
|
| CopyObject |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A | |||
|
| ListParts |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A | ||
|
| PutBucket |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A | ||
|
| ListBuckets |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A | ||
|
| HeadBucket |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
N/A |
To ensure secure and compatible communication with Automation Suite, your S3-compatible objectstore must support one or more of the following secure TLS cipher suites:
- TLS 1.3:
TLS_AES_128_GCM_SHA256TLS_AES_256_GCM_SHA384TLS_CHACHA20_POLY1305_SHA256
- TLS 1.2:
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHATLS_ECDHE_RSA_WITH_AES_128_CBC_SHATLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
Note: The list of supported cipher suites may evolve over time to align with security best practices and updates in the Go cryptographic
library. Refer to the latest Go documentation for the current list.
Make sure the following CORS policy is configured at your objectstore server or the bucket level.
This is the CORS policy in JSON format:
JSON
[
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"POST",
"GET",
"HEAD",
"DELETE",
"PUT"
],
"AllowedOrigins": [
"https://{{fqdn}}"
],
"ExposeHeaders": [
"etag",
"x-amz-server-side-encryption",
"x-amz-request-id",
"x-amz-id-2"
],
"MaxAgeSeconds": 3000
}
][
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"POST",
"GET",
"HEAD",
"DELETE",
"PUT"
],
"AllowedOrigins": [
"https://{{fqdn}}"
],
"ExposeHeaders": [
"etag",
"x-amz-server-side-encryption",
"x-amz-request-id",
"x-amz-id-2"
],
"MaxAgeSeconds": 3000
}
]This is the CORS policy in XML format:
XML
<CORSConfiguration>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>x-amz-server-side-encryption</ExposeHeader>
<ExposeHeader>x-amz-request-id</ExposeHeader>
<ExposeHeader>x-amz-id-2</ExposeHeader>
<ExposeHeader>etag</ExposeHeader>
</CORSRule>
</CORSConfiguration><CORSConfiguration>
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedHeader>*</AllowedHeader>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>x-amz-server-side-encryption</ExposeHeader>
<ExposeHeader>x-amz-request-id</ExposeHeader>
<ExposeHeader>x-amz-id-2</ExposeHeader>
<ExposeHeader>etag</ExposeHeader>
</CORSRule>
</CORSConfiguration>
