I’m in the middle of creating a manual on permission assignment etc.
There are quite a lot of permissions available and although most of them are self-explainatory(Folder: Assets, Jobs, Processes | Tenant: Machines, Robots, Roles), there are some which are not so clear(Folder: Environments, Execution Media, Connections | Tenant: Background tasks, ML Logs, Libraries, Packages).
I was wondering if there’s any site which does explain it in some good manner/one place?
For example,
permissions on Environments:
What are environments? From reading Docs I suppose this is some kind of equivalent of machine template in classic folders but it takes a lot of time to search for it and since I have never used it I am not sure how does it exactly work.
permissions on Libraries/Packages:
I know that without packages permissions you won’t be able to add/delete packages in Orchestrator.
But it also true about utilizing packages from Orchestrator, so you are not able to run robots if you don’t have at least view permission on that.
For example if I got the Packages view permission, am I able to use both library and robot packages from Orchestrator?
Is view permission in both Library and Packages required to run the robots without any problem?
Right now even with self-explainatory permissions it’s more of a "I got a feeling it works this way buuuuuut… I might be wrong in some aspects than “It is explained and I am sure this permission allows me to do that and that.”
Thanks for the comment however this does not answer my question.
I have read through, what I believe, is all docs on roles and permissions on UiPath portal and there is no answer there.
I would appreciate if you could link me any other source of knowledge which would explain the permissions in futher details.
Just to be precise, I would like to know how each permissions affects the way account can access resources in Orchestrator and Studio.
Some tenant level permissions are directly connected to use of Ochestrator resources by UiPath Assistant however the only description that can be found is that you can view, edit, add and delete it without further explaination.
As @kennbalobalo said, environment is a logical group of Robots. You can define a more granular access to it. For instance, in your Development Orchestrator or Tenant, you can create multiple folders, and inside each folder you can define different environments. In this case, there are 3 levels of access, Tenant, Folder, and Environment.
Regarding Libraries and Packages. Bots that are only running processes need read access to it. Developer can have access to create them in your Dev environment. But other than that, it depends on your enterprise security policies who else can have that permission. Maybe a deployment manager as well.
Execution Media is required to take screenshots if I’m not mistaken.
Background tasks are related to creating actions that can be viewed and changed on the orchestrator. Not 100% sure on that.
ML Logs are related to Machine Learning.
I’m doing this exact same job of creating custom roles, it’s quite confusing.
But from what I understand Environments are part of classic folders which, probably any org that has started after modern folders appeard, won’t be using.
As for the rest of the info, did you went through each and every docs page or did you perform trial and error tests?
I’m leaving my organization soon and they asked me to create a lot of detailed documents on how to use Orchestrator etc, this is the only one which has very little details in UiPath Docs.
It’s confusing because it’s quite self-explainatory which permission does what, but there is no detailed page which describes each of the permissions in details except for Users I suppose.
Yeah, the only doc that I’m aware of is the Default Roles. What I know is mostly by exploring and trying things out. I’m defining the roles that my enterprise will use, it’s not something so simple.
Yes the concept of “Environments” is totally obsolete unless your company happens to still have a really old on-prem version of Orchestrator
There is no single place I could point to that has a clear explanation of permissions. I bet even the UiPath team themselves probably don’t even understand it. It’s gotten that complicated
Once modern folders and tenant permissions vs. folder permissions came along… permissions are pretty much rocket science now. When they added ambiguous concepts like “Allow to be automation user” and “Automation User”, my mind exploded, and I pretty much just understand enough basics to ensure my users can access the right folders to see & run automations.
I just skimmed the current documentation and honestly I didn’t see any permissions documents that caught my eye.
It seems that working with permissions became a real hustle.
Using them still comes kind of naturally, and if one of the users lacks access to any part of Orchestrator functionality is quite easy to locate which permission is missing.
I let myself mark @Joel_Medeiros’s answer as solution(it’s closest to what I wanted to know), not to create unnecessary traffic here. Hopefully roles and permissions will get more detailed explaination somewhere in the future along with the new patches!
