All Products
Search

This Product

    Elastic Desktop Service:Create and manage cloud computer policies

    Document Center

    Elastic Desktop Service:Create and manage cloud computer policies

    Last Updated:Oct 29, 2024

    In Elastic Desktop Service (EDS), a cloud computer policy is a set of configurations for managing cloud computers, including data security, access control, user experience, and collaboration. EDS provides a default cloud computer policy that cannot be modified or deleted. To meet your business requirements, you can create custom policies. This topic describes how to create and manage custom policies.

    Create a custom policy

    You can use different methods to create a custom policy.

    Create a custom policy

    You can create a custom policy from scratch.

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, click Create Policy.

    4. On the Create Policy page, configure the Policy Name parameter as prompted, modify the policy configurations based on your business requirements, and then click OK.

      After the policy is created, you can view the newly created policy on the Policies page.

    Clone an existing custom policy

    If you want to quickly create a policy whose configurations are the same as or similar to an existing policy, we recommend that you clone the existing policy and modify the configurations based on your business requirements.

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, find the source custom policy that you want to clone and click Clone in the Actions column.

    4. In the Clone Policy dialog box, specify a name for the policy that you want to create and click OK.

      After the policy is cloned, you can view the cloned policy in the policy list and modify its configurations based on your business requirements.

    Import a policy configuration file

    You can import a standard policy configuration file in the JSON format to quickly create a policy.

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, click Import Policy.

    4. In the Import Policy dialog box, specify a name for the policy that you want to create, upload a policy configuration file in the JSON format, and then click OK.

    Change an associated policy

    If the policy associated with your cloud computer or cloud computer pool cannot meet your business requirements, you can change the associated policy.

    Replace the existing policy of a cloud computer

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Resources & Terminals > Cloud Computers.

    3. On the Cloud Computers page, perform the following operations to replace the existing policy of one or more cloud computers based on your business requirements:

      • Replace the existing policy of a cloud computer: Find the cloud computer that you want to manage, click the ⋮ icon in the Actions column, and then select Change Policy.

      • Replace the existing policy of multiple cloud computers: Select one or more cloud computers and choose More > Change Policy in the lower part of the page.

    4. In the Change Policy panel, clear the current policy, select a new policy, and then click OK.

    5. In the message that appears, click OK.

    Replace the existing policy of a cloud computer pool

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Resources & Terminals > Cloud Computer Pools.

    3. On the Cloud Computer Pools page, find the cloud computer pool that you want to manage and click its ID in the Pool ID/Name column.

    4. On the Basic Information tab, find the Policy Group Name parameter and click the icon.

    5. In the Change Policy panel, clear the current policy, select a new policy, and then click OK.

    Modify a custom policy

    If the custom policy associated with your cloud computer cannot meet your business requirements, you can modify the policy.

    Procedure

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, find the custom policy that you want to manage and click Change Policy in the Actions column.

    4. On the Modify Policy page, modify the configurations based on your business requirements and click OK.

    Time when modifications take effect

    After you modify a policy that is associated with a cloud computer, the rules determine the time when the modifications take effect. Modifications to the following rules immediately take effect. End users do not need to disconnect from and reconnect to cloud computers.

    • Display mode

    • Watermark

    • Security group control

    • Domain name access control

    • Screen recording audit

    • Remote assistance

    Modifications to other rules take effect the next time end users connect to the cloud computers with which the policy is associated.

    Specify CIDR blocks on which a policy takes effect

    By default, a custom policy takes effect on all CIDR blocks. If you want a custom policy to take effect only on specific CIDR blocks, specify the CIDR blocks. Then, when end users connect to cloud computers that are associated with the policy from Alibaba Cloud Workspace terminals, the system determines whether the egress IP addresses of the terminals are within the specified CIDR blocks. If the egress IP addresses of the terminals are not within the specified CIDR blocks, the policy does not take effect.

    image

    Procedure

    To specify a CIDR block on which a policy takes effect, perform the following steps:

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, find the custom policy that you want to manage and click Change Policy in the Actions column.

    4. In the upper part of the Modify Policy page, select Specific CIDR Block for the Valid IP Address parameter and click Add CIDR Block.

      Note

      • For policies that are not associated with cloud computers and policies that are associated with cloud computers and take effect on specified CIDR blocks, you can directly change the CIDR blocks.

      • For policies that are associated with cloud computers and take effect on all CIDR blocks, you must disassociate the policies from cloud computers. Then, you can specify the CIDR blocks on which the policies take effect. If you do not want to disassociate the policies, you can clone the policies to create new policies that have the same configurations, specify a CIDR block for the new policies, and then associate the new policies with the cloud computers. For more information about how to clone a custom policy, see Create a custom policy.

    5. In the Add CIDR Block dialog box, enter up to three CIDR blocks and click OK.

      After you specify CIDR blocks for a policy and associate the policy with a cloud computer, the policy takes effect the next time the cloud computer is connected.

      Note

      Each cloud computer must be associated with exactly one policy that takes effect on all CIDR blocks. A cloud computer can be associated with up to four policies that take effect on specific CIDR blocks.

    Export a policy

    You can export policies. The exported policies are configuration files in the JSON format. If you share the files to others, the recipients can import the files to quickly create policies.

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, find the policy that you want to manage and click Export Policy in the Actions column.

      After the policy is exported, a file in the JSON format is generated, and you can download it to your on-premises device.

    Delete a custom policy

    If you no longer require a policy, you can delete it.

    1. Log on to the EDS console.

    2. In the left-side navigation pane, choose Operation & Maintenance > Policies.

    3. On the Policies page, perform the following operations to delete one or more custom policies.

      Note

      If the policy that you want to delete is associated with cloud computers, you must replace the policy with another one and then proceed with the delete operation. For more information, see Replace the existing policy of a cloud computer.

      • Delete a policy: Find the custom policy that you want to manage and click Delete in the Actions column.

      • Delete multiple policies: Select one or more custom policies and click Delete in the lower part of the page.

    4. In the message that appears, click OK.