Robocorp Runtime Environments Security

Runtime environments

Robocorp runtime environment is a term for different ways of deploying software robots in remote locations. There are two ways of deploying software robots:

  1. on a self-hosted installation on a local computer, server or virtualized platforms, or
  2. in a Robocorp Cloud hosted container runtime environment.

Robocorp App

The self-hosted installation of Robocorp runtime environment is called Robocorp App. It links a computer to Robocorp Cloud Workspaces and enables Robocorp Cloud to deploy and operate software robots on the computer securely. Workspace admins can download installers for Robocorp App from Robocorp Cloud, under "Environments". Supported operating systems are macOS, Windows, and Linux (AppImage).

Self-hosted installation is suitable for all kinds of different use cases where the user manages the running environment, e.g., on-premise servers, virtual machines, or user-hosted containers. Self-hosted installation is required for software robots that require access to the local resources and systems that are not accessible from the Internet.

Optimal security practices for Robocorp App

Robocorp App is used to run automation code on a computer, server, virtualized operating system, or container. It is therefore important to keep some security best practices in mind while using Robocorp runtime environments:

  1. Protect your Robocorp Cloud account with a strong password and avoid using shared accounts
  2. Protect your Robocorp Cloud API keys and avoid hard-coding them directly into software robot or other source code
  3. Verify source code of software robots
  4. Do not run Robocorp runtime environments with root or administrator-level privileges. If possible, create a separate user with limited access rights to the underlying operating system and other devices on the network.

Robocorp App linking with Robocorp Cloud

Robocorp App can be linked to Robocorp Cloud in two ways:

  1. Log in to your Robocorp Cloud account via the Robocorp App and select a Workspace
  2. Choose the "Link token" option to use a one-time, short-lived token that can be generated in each Robocorp Cloud Workspace, under "Environments".

If you choose the first option to link the Robocorp App to Robocorp Cloud via login, you can directly authenticate to Robocorp Cloud and choose a Workspace from a list based on the Workspaces you have been invited to or created.

The second option relies on a one-time token that is used to establish a trusted connection between the Robocorp Cloud Workspace and a Robocorp App. For security reasons, this token needs to be regenerated if multiple Apps are added.

Robocorp App secure communication with Robocorp Cloud

Robocorp App connects to Robocorp Cloud over an encrypted HTTPS connection on port 443. All connections are outbound from the Robocorp runtime environment, so typically no firewall rules need to be added.

The control channel between Robocorp Cloud runtime environment and Robocorp Cloud is implemented using the WebSocket protocol, and the rest of the communication uses traditional HTTP endpoints (REST API). All communication is encrypted on the transport layer. Additional end-to-end encryption and digital signatures are utilized on the application layer for specific important operations, such as Vault secret transportation.

Robocorp hosted cloud runtime environment

Robocorp Cloud offers a managed version of a cloud runtime environment, which is launched on-demand in the cloud when robot execution starts. Under the hood, there is a Docker container that runs the Robocorp cloud runtime environment and executes one robot.

No local state is maintained between robot runs because a fresh container is used for each run. Currently, one Linux-based container option is available, providing a way to execute robots without any hardware setup.

The container runtime environments operate on hardened and isolated server instances.

What data is sent from Robocorp runtime environment to Robocorp Cloud?

For the Robocorp Cloud runtime environment to operate in a Robocorp Cloud Workspace, the only mandatory communication needed is workload-agnostic control data. Control data includes commands from the cloud and generic status information towards the cloud. By default, standard output and error streams are also delivered to Robocorp Cloud for convenience.

Additionally, Robocorp Cloud provides several opt-in services for typical robotic process automation (RPA) use cases.

The software robot developer has full control over what happens to other data being accessed during the robot execution. The software robot developer can choose not to send sensitive data to Robocorp Cloud in work item payloads and artifacts.

How are artifacts stored and transferred from Robocorp runtime environment to Robocorp Cloud?

Artifact storage is backed by Amazon S3, and data is encrypted at rest using AWS-provided methods. Artifacts are transferred securely over HTTPS using short-lived S3 presigned requests. You may consider implementing application-level encryption as an additional security measure; however, Robocorp does not currently include any specific tooling for this purpose.
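
One way to add the application-level encryption mentioned above, as an added example that is not Robocorp tooling or code from the original page: the robot seals each artifact with AES-256-GCM before writing it to the directory that gets uploaded, and the key is read from an environment variable rather than the source, in line with the API key guidance earlier. The variable name `ARTIFACT_KEY_B64`, the `ART1` header, the `.enc` suffix and the function names are assumptions, and the third-party `cryptography` package is required.

```python
import base64
import os
import tempfile
from pathlib import Path

from cryptography.hazmat.primitives.ciphers.aead import AESGCM

KEY_ENV = "ARTIFACT_KEY_B64"  # assumed variable name; holds a base64 256-bit key
MAGIC = b"ART1"               # constructed header so the format is recognisable


def load_key() -> bytes:
    """Read the key from the environment instead of hard-coding it in the robot."""
    key = base64.b64decode(os.environ[KEY_ENV])  # KeyError if unset: fail closed
    if len(key) != 32:
        raise ValueError("expected a 32-byte (AES-256) key")
    return key


def encrypt_artifact(src: Path, out_dir: Path, key: bytes) -> Path:
    """Write MAGIC || nonce || ciphertext+tag to out_dir/<name>.enc."""
    nonce = os.urandom(12)  # must never repeat under the same key
    # The file name is bound as associated data, so a renamed or swapped
    # artifact fails authentication on decrypt.
    sealed = AESGCM(key).encrypt(nonce, src.read_bytes(), src.name.encode())
    dst = out_dir / (src.name + ".enc")
    dst.write_bytes(MAGIC + nonce + sealed)
    return dst


def decrypt_artifact(enc: Path, key: bytes) -> bytes:
    """Verify and decrypt a downloaded artifact.

    Raises cryptography.exceptions.InvalidTag if content or name was altered.
    """
    blob = enc.read_bytes()
    if blob[:4] != MAGIC:
        raise ValueError("not an encrypted artifact")
    nonce, sealed = blob[4:16], blob[16:]
    name = enc.name.removesuffix(".enc").encode()
    return AESGCM(key).decrypt(nonce, sealed, name)


if __name__ == "__main__":
    key = AESGCM.generate_key(bit_length=256)  # constructed demo key
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "report.csv")
        src.write_bytes(b"constructed,sample\n")
        enc = encrypt_artifact(src, Path(tmp), key)
        print(enc.name, decrypt_artifact(enc, key))
```

Only the `.enc` file should be placed where artifacts are collected; the plaintext stays on the runtime environment, and the key is held only by the robot and by whoever decrypts the download.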