Cette page n'est pas encore disponible dans votre langue. Nous nous efforçons d'ajouter d'autres langues. Nous vous remercions de votre compréhension.
Workspace
Workspace
- Function Overview
- Service Overview
- Getting Started
-
User Guide(Administrator)
- Dashboard
-
Desktop Management
- Managing Desktops
- Viewing Desktops That Fail to Be Created
- Modifying Specifications
- Recomposing a System Disk
- Adding a Disk
- Expanding the Disk Capacity
- Deleting a Disk
- Managing Tags
- Converting a Desktop to an Image
- Configuring a Desktop Network
- Changing the Desktop Billing Mode (from Pay-per-Use to Yearly/Monthly)
- Renewing a Yearly/Monthly-Billed Desktop
- Unsubscribing from a Desktop
-
Desktop Pool Management
- Managing Desktop Pools
- Viewing Desktops That Fail to Be Created in the Desktop Pool
- Modifying Specifications
- Adding a Desktop to a Desktop Pool
- Recomposing a System Disk
- Adding Disks
- Expanding the Disk Capacity
- Deleting Disks
- Creating an Image
- Adding Users or User Groups
- Removing Users or User Groups
- Renewing a Yearly/Monthly-Billed Desktop Pool
- Unsubscribing from a Desktop Pool
- Users
- User Groups
- Policy Management
- OU Management
- User Login Records
-
Tenant Configuration
-
Basic Configuration
- Configuring an AD Domain
- Configuring AD Domain Certificate Authentication
- Changing the Domain Administrator Password
- Modifying Domain Configurations
- Changing the Internet Access Mode
- Changing the Service Subnet
- Changing the Internet Access Port
- Canceling a Service
- Reactivating a Service
- Configuring Multi-Factor Authentication
- Configuring Whether to Block Notification Emails for Desktop Unsubscription or Deletion
- Multi-VPC Workspace
- Authentication Configuration
-
Basic Configuration
- Internet Access Management
- Scheduled Tasks
- Application Center
- Private Images
- Permission Management
- Data Backup and Restoration
- Common Function Configuration
- Subscribing to an Event
- Change History
-
User Guide(End Users)
- Getting to Know Workspace
- Introduction to Terminals
- Logging In to a Desktop Using an SC
- Logging In to a Desktop Using a TC
- Logging In to a Desktop Using a Mobile Terminal
- Desktop Assistant
- Changing the Login Password
- Forbidden Operations
- Configuring Dual-Screen Display
- Configuring Common Functions
- Change History
- Best Practices
-
FAQs
-
FAQs for Administrators
- What Are the Features and Advantages of Workspace?
- How Is Workspace Charged?
- How Do I Check My Quotas?
- How Do I Increase My Quotas?
- How Do I Add a Disk?
- How Do I Connect the Desktop to a Local Printer?
- How Do I Connect the Desktop to a Network Printer?
- How Do I Do If the Desktop Fails to Connect to the AD?
- Can I Change the User Authentication Mode of the Desktop?
- How do I Enable LDAPS on the AD Server?
- How do I Export the Root Certificate of an LDAPS-enabled AD server?
- What If I Fail to Purchase a Desktop?
- How Do I Do If the Functions of Purchasing a Desktop, Creating a User, Creating a Policy, and Enabling the Internet are Unavailable?
- Can I Use Private Images to Purchase Desktops?
- How Many Private Images Can Be Created on Workspace at Most?
- What Are the Network Requirements for Logging In to Desktops?
- How Do I Do If My Desktop Cannot Access the Internet?
- How Do I Configure Workspace to Access the Internet?
- How Do I Configure Workspace to Access the Enterprise Intranet?
- How Do I Enable the Internet on Other Cloud Service Pages?
- How Do I Copy Files Between a Desktop and a Local Storage Device?
- What If I Lost the Administrator Password?
- How Does an Administrator Unlock an End User Account?
- How Do I Do If an End User Fails to Log In to a Desktop?
- How Do I Back Up and Restore a Desktop?
- How Do I Do If a Message Is Displayed Indicating Duplicate Policy Names During Policy Import?
- How Do I Do If a User Cannot Be Bound to a Client Using the Dynamic Verification Code of the Previously Bound MFA Device?
- How Do I Do If the Message "Insufficient permissions for the IAM account. Security Administrator permissions required." Is Displayed When I Enable an Agency?
- How Do I Do If a User Does Not Receive an Email for Creating a Desktop or Assigning a User?
- How Do I Add Resources to or Remove Resources from an Enterprise Project After Purchasing Workspace?
- Why Can't I Start a Pay-per-Use Cloud Desktop?
-
FAQs for End Users
-
Desktop Usage Issues
- How Do I Do If the Desktop Freezes?
- How Do I Do If the Disk Space Is Insufficient?
- How Do I Enter the CLI Mode?
- How Do I Do If My Desktop Cannot Connect to the Internet?
- Do Cloud Desktops Support Personalized Settings?
- How Do I Take a Screenshot?
- How Do I Do If the Printer Cannot Be Used?
- What If I Can't Use Network Printers on Workspace?
- How Do I Download the Software?
- How Do I Do If Data Disks of a Windows Desktop Cannot Be Found After Recomposing the System Disk?
- What Do I Do If I Cannot Copy Files Between a Desktop and a Local Storage Device?
- How Do I Do If the Desktop Screen Cannot Be Adapted?
- How Do I Do If I Cannot Receive an Email for Creating a Desktop or Assigning a User?
- How Do I Manually Configure Time Synchronization on a Windows Desktop?
- Do Not Disable the Following Ports on Desktops and Access Network
-
Login Issues
- How Do I Do If I Forget the Password?
- What If the Account Is Locked?
- What Devices Can Be Used to Log In to a Desktop?
- What If I Fail to Log in to a Desktop?
- How Do I Do If I Cannot Pass Multi-Factor Authentication?
- How Do I Do If the System Displays a Message Indicating that the Login Fails Due to Policy Restrictions?
-
OS Issues
- Can I Update the Desktop OS?
- What OSs Can Run on Workspace?
- Which Software Cannot Be Uninstalled?
- Which Files Cannot Be Deleted?
- Which Software Cannot Be Upgraded?
- Which Ports Cannot Be Deleted?
- Which Commands Cannot Be Executed?
- How Do I Query the System Information?
- Is There Any Help Document for OSs?
-
Desktop Usage Issues
- Change History
-
FAQs for Administrators
-
User Guide (Application Streaming)
- Overview
-
Administrator Operation Guide
- Operation Procedure
- Logging In to the Workspace Application Streaming Console
- Enabling the Service
- Creating a User
- Applications and Images
- Server Groups
- Application Groups
- User Management
- Policy Groups
- Monitoring Analysis
- OU Management
- Application Internet Access Management
- Upgrading Protocol Components
- Scheduled Tasks
- Storage
- Tenant Configuration
- Private Images
- Configuring Personalized Data
- Subscribing to an Event
- Permissions Management
- Configuring Common Functions
-
FAQs
- What Is the Relationship Between Workspace Application Streaming and Workspace?
- What Types of Applications Can Be Published?
- What Can I Do If an Application Fails to Be Published?
- How Do I Deploy a Windows AD Server?
- How Do I Deploy an RD Licensing Server?
- How Do I Configure RDS Licensing and Security Policies?
- How Do I Create a User OU on the AD Server?
- How Do I Create a User Group on the AD Server?
- How Do I Create a User on the AD Server?
- How Do I Configure Network Connection Between Workspace Application Streaming and the Windows AD?
- How Do I Log in to an APS?
- How Do I Purchase the NAT and EIP Services to Enable Cloud Applications to Be Accessed Through the Internet?
- How Do I Check My Quotas?
- How Do I Increase My Quotas?
- How Do I Do If the Application Operation Page Has Black Borders and Cannot Be Moved?
- How Do I Do If an End User Fails to Log In to a Cloud Application?
- How Do I Reset a User Password?
- How Do I Do If I Fail to Add a Computer Back to the Domain?
- How Do I Add an ECS to the Domain of an APS?
- How Do I Use the GPO Group Policy to Make a Domain User Become a Local Administrator of a PC?
- How Do I Install Sandbox Software?
- How Do I Do If There Is No Sound or the Screen Is Frozen While There Is Sound When Using Google Chrome or Bilibili Player for Video Playback?
- How Do I Do If the Window Cannot Be Dragged When the Sandbox Application Is Started?
- RD License Server Fails to Be Added to the AD domain
- Error Code 6030/6047 Reported When Accessing a Shared Desktop Application
- File Resources on the APS Cannot Be Automatically Refreshed During Workspace Application Streaming Operations
- How Do I Update or Add an Application?
- How Do I Authorize an IAM User to Use Workspace Application Streaming?
- How Do I Calculate the Number of Concurrent Sessions of a Cloud Application?
- What If I Can't Open a Cloud Application?
-
Terminal User Operation Guide
- Process
- Using an Application on a Soft Client
- Using an Application on a Thin Client
-
FAQs
- How Do I Do If the Cloud Application Cannot Be Used?
- How Do I Do If I Cannot View Cloud Applications on Desktops?
- How Do I Do If I Forget the Password?
- How Do I Do If the Account is Locked?
- How Do I Do If I Fail to Log In to the Client?
- How Do I Enable a Local Storage Device to Copy Files to an APS?
- How Do I Recover Important Files and Documents from the Sandbox to the Local Computer?
- How Do I Delete a Sandbox?
- How Do I Remove the Yellow Border of an Application After the Sandbox Application Is Started?
- Change History
On this page
Show all
Creating a Custom Policy
Updated on 2023-12-04 GMT+08:00
Scenarios
Custom policies can be created as a supplement to the system permissions of Workspace.
You can create custom policies in either of the following ways:
- Visual editor: Select cloud services, actions, resources, and request conditions. You do not need to have knowledge of the policy syntax.
- JSON: Create a policy in the JSON format from scratch or based on an existing policy.
For details, see Creating a Custom Policy. The following section contains examples of common Workspace custom policies.
Policy Examples
- Example 1: Assigning the permissions for desktop startup and shutdown to users.
{
"Version": "1.1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"workspace:*:get*",
"workspace:*:list*",
"workspace:*:export*",
"ims:images:get",
"ims:images:list",
"ims:quotas:get",
"nat:natGateways:list",
"nat:snatRules:list",
"vpc:bandwidths:list",
"vpc:networks:get",
"vpc:ports:get",
"vpc:publicIps:get",
"vpc:publicIps:list",
"vpc:quotas:list",
"vpc:securityGroupRules:get",
"vpc:securityGroups:get",
"vpc:subnets:get",
"vpc:vpcs:get",
"vpc:vpcs:list",
"vpcep:endpoints:get",
"dss:pools:list",
"workspace:desktops:operate"
]
}
]
}
NOTE:
workspace:desktops:operate indicates desktop operations (startup, shutdown, restart, and hibernation). Other permissions are read-only and dependent permissions.
Parent topic: Permissions
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
The system is busy. Please try again later.
