Creating a Custom Policy
Scenarios
Custom policies can be created as a supplement to the system permissions of Workspace.
You can create custom policies in either of the following ways:
- Visual editor: Select cloud services, actions, resources, and request conditions. You do not need to have knowledge of the policy syntax.
- JSON: Create a policy in the JSON format from scratch or based on an existing policy.
For details, see Creating a Custom Policy. The following section contains examples of common Workspace custom policies.
Policy Examples
- Example 1: Assigning the permissions for desktop startup and shutdown to users.
{ "Version": "1.1", "Statement": [ { "Effect": "Allow", "Action": [ "workspace:*:get*", "workspace:*:list*", "workspace:*:export*", "ims:images:get", "ims:images:list", "ims:quotas:get", "nat:natGateways:list", "nat:snatRules:list", "vpc:bandwidths:list", "vpc:networks:get", "vpc:ports:get", "vpc:publicIps:get", "vpc:publicIps:list", "vpc:quotas:list", "vpc:securityGroupRules:get", "vpc:securityGroups:get", "vpc:subnets:get", "vpc:vpcs:get", "vpc:vpcs:list", "vpcep:endpoints:get", "dss:pools:list", "workspace:desktops:operate" ] } ] }
![](https://support.huaweicloud.com/eu/productdesc-workspace/public_sys-resources/note_3.0-en-us.png)
workspace:desktops:operate indicates desktop operations (startup, shutdown, restart, and hibernation). Other permissions are read-only and dependent permissions.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.