- Overview
- Requirements
- Pre-installation
- Preparing the installation
- Downloading the installation packages
- Configuring the OCI-compliant registry
- Granting installation permissions
- Installing and configuring the service mesh
- Installing and configuring the GitOps tool
- Installing the External Secrets Operator in Kubernetes
- Applying miscellaneous configurations
- Running uipathctl
- Installation
- Post-installation
- Migration and upgrade
- Monitoring and alerting
- Cluster administration
- Product-specific configuration
- Orchestrator advanced configuration
- Configuring Orchestrator parameters
- Configuring appSettings
- Configuring the maximum request size
- Overriding cluster-level storage configuration
- Configuring NLog
- Saving robot logs to Elasticsearch
- Configuring credential stores
- Configuring encryption key per tenant
- Cleaning up the Orchestrator database
- Skipping host library installation
- AI Trust Layer
- Troubleshooting
- The backup setup does not work due to a failure to connect to Azure Government
- Pods in the uipath namespace stuck when enabling custom node taints
- Unable to launch Automation Hub and Apps with proxy setup
- Velero backup fails with FailedValidation error
- External Secrets troubleshooting
- Temporal as a Service troubleshooting
- AI Center and Document Understanding pods fail to start with TLS certificate verification enabled
- Fluentd does not export logs in IPv6 environments
Automation Suite on EKS/AKS installation guide
The following secure stores are already available in Orchestrator:
- Azure Key Vault
- CyberArk CCP
- HashiCorp Vault
- Thycotic Secret Server
- Beyond Trust
- AWS Secrets Manager
Any credential store plugin you choose to use must be Linux-compatible.
To disable the default plugins, set the Plugins.SecureStores.Default key as an empty string in the appsettings.json file. For details, refer to Configuring appSettings.
Uploading custom secure store plugins
If you want to add custom secure store assemblies, you can do so via the uipathctl command line tool, using the uipathctl config orchestrator upload command:
uipathctl config orchestrator upload --securestore-plugins-directory /path/to/plugins/directory
uipathctl config orchestrator upload --securestore-plugins-directory /path/to/plugins/directory
Plugin settings are configured in appSettings using the convention for configuration keys. For details, refer to Configuring appSettings.
Plugins must not write to any storage apart from /tmp.
If you use an external storage configuration at the cluster level, you must indicate this by including the --is-external-storage parameter.
-
Add the custom secure store plugins of your choice to
appSettingsusing the following command:Plugins.SecureStores.<<FriendlyName>>.<<SettingName>>Plugins.SecureStores.<<FriendlyName>>.<<SettingName>> -
Enable the custom secure store plugins by updating
appSettingswith the relative path of the plugin (from thesecurestorepluginsfolder):"Plugins.SecureStores":"myplugin/MyPlugin.dll,secondPlugin/SecondPlugin.dll""Plugins.SecureStores":"myplugin/MyPlugin.dll,secondPlugin/SecondPlugin.dll"