How does UiPath Orchestrator connect to AWS to create Elastic Robot Pools?

Help Orchestrator
,
1

Background

I am working documentation for our internal cloud team on how the Elastic Robot Pools work within UiPath Orchestrator. I was able to identify that UiPath controls Elastic Pooling from Azure, but I’m not certain as to how.

Hypotheses’

  1. UiPath sends and API command across the open internet with TLS Encryption to AWS to start new EC2s. This option feels unlikely. There aren’t any registered API endpoints from AWS that would allow for this to happen. It would have to communicate directly with a given customer’s ingress API Gateway.
  2. UiPath uses a combination of Azure ExpressRoute and AWS DirectConnect to use Private Links to have IAM roles based authorization to be able to communicate with AWS products.
    ![This conceptual architecture diagram illustrates the connection between UiPath on Azure and various AWS services via DA6 using ExpressRoute Direct, integrating AWS Direct Connect, Secret Manager, Amazon EC2 with UiPath Robots, and S3 Buckets.
    This image is a conceptual architecture diagram showing the connection between UiPath Orchestrator in Azure and various AWS services through ExpressRoute Direct. (Captioned by AI)
    This image is a conceptual architecture diagram showing the connection between UiPath Orchestrator in Azure and various AWS services through ExpressRoute Direct. (Captioned by AI)782×492 25.9 KB

Does anyone have any information that would be able to validate? It’s a security concern for our company.

Update 1

I found the following link Automation Cloud - Data security and compliance

That includes the following diagram

This image shows the structure of an enterprise Automation Cloud deployment, highlighting various configurations including public cloud, private cloud, and on-premises setups, as well as their integration with services, applications, and protective measures against cyber threats. (Captioned by AI)
This image shows the structure of an enterprise Automation Cloud deployment, highlighting various configurations including public cloud, private cloud, and on-premises setups, as well as their integration with services, applications, and protective measures against cyber threats. (Captioned by AI)1900×978 81.2 KB

I need to learn how the “Load Balancing, WAF, DDOS Protection” is implemented on the UiPath Enterprise side.

2

@joseph.prause

I hope this connection guide answers you questions and close to 2

Cheers

3

This is close, but it doesn’t go into enough detail on the architecture behind the connection.

My cloud team is looking for information on “What protocols/pathways/methodologies is UiPath using when it connects to AWS with an assumed IAM Role.”

4

@joseph.prause

It uses the access token generated from ec2 to connect between orchestrator and EC2 instance and IAM roles control these urity layer for EC2. If you pass this connection info to your AWS they can give you the exact connection route as well.

If ypu have a TAM from UiPath it would we better you reachout to them who can provide more details based on your current profile

Cheers