Config in the Orchestrator?

In my opinion the Excel config file in the project folder is an outdated principle. It gets packaged in the Nuget Package, so if you change something, you will need to do a new release of the robot, which means going through lots of hoops in a large corporation. You can place the config file externally but in our case that poses security problems. It’s not feasible to put everything that’s in the config file as an asset in the Orchestrator.

Is there a way to upload the Config file to the Orchestrator, and edit it from there? This would not require a new release, and it allows you to separate the config file from assets that may be editable by business users. I think I read something about uploading a JSON config file but it was very vague.

If this is not possible, wouldn’t it be a great feature? Everything is moving to the cloud, a local config file is just an outdated concept in my opinion, and an external config file can pose security risks for big corporations.

Storage Buckets

Thank you. I’m assuming this means I could put the Config file in a Storage bucket?

How would I go about having the Robot read the config file from there?

I don’t see any security risks for this that don’t exist for Orchestrator too. Just create a folder for config files and only allow the appropriate people access. That’s what we did, and we are in a HIGHLY regulated environment.

With the activities that are explained in the documentation.

Sadly our security department said no. It would have to be on a shared network drive with the entire organization and… well, they just didn’t want it. Even if you limit the users that can access it.

The Orchestrator is considered a more acceptable place to store this info because then only the RPA team can access it, and it’s also easier for us because we directly control who does and does not have access to the info. So we don’t have to rely on a different department to give/remove access to a folder on a shared network drive.
That different department would then also have access to all the config files btw. We operate on a “least privilege policy”. If it’s not absolutely needed, you don’t get the authorization, and they are very very strict.

Found them, thank you. UiPath has many many features, a lot of them we don’t use, so this is new to me.

1 Like

It’s perplexing that your security team thinks there is a difference between controlling access to a Windows folder vs controlling access to Orchestrator. Especially when…

…this makes it a bigger security risk because there is no separation of duties.

That different department should be the IT Security (ie access provisioning) team, which has full access to literally everything.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.