Creates a policy.
Description
A policy is a set of security rules that are used to control security configurations when regular users use cloud desktops. A policy consists of basic policies, such as USB redirection and watermarking, and security group rules. For more information, see Policy overview.
Debugging
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| Action | String | Yes | CreatePolicyGroup |
The operation that you want to perform. Set the value to CreatePolicyGroup. |
| RegionId | String | Yes | cn-hangzhou |
The ID of the region. |
| Clipboard | String | No | off |
The permissions on clipboards. Valid values:
Default value: off. |
| LocalDrive | String | No | off |
The permissions on local disk mapping. Valid values:
Default value: off. |
| UsbRedirect | String | No | off |
Specifies whether to enable USB redirection. Valid values:
Default value: off. |
| VisualQuality | String | No | medium |
The policy of image display quality. Valid values:
Default value: medium. |
| Html5Access | String | No | hide |
The access policy for HTML5 clients. Valid values:
Default value: off. Note We recommend that you use the ClientType-related parameters to control the EDS client
type for cloud desktop logon.
|
| Html5FileTransfer | String | No | off |
The file transfer policy for HTML5 clients. Valid values:
Default value: off. |
| Watermark | String | No | off |
Specifies whether to enable watermarking. Valid values:
Default value: off. |
| Name | String | No | testPolicyGroupName |
The name of the policy. |
| WatermarkType | String | No | EndUserId |
The type of the watermark. You can specify multiple watermark types at a time. Separate the watermark types with commas (,). Valid values:
|
| WatermarkTransparency | String | No | LIGHT |
The transparency of the watermark. Valid values:
Default value: LIGHT. |
| PreemptLogin | String | No | on |
Specifies whether to allow user preemption. Note To improve user experience and ensure data security, multiple regular users are not
allowed to log on to the same cloud desktop. By default, this feature is disabled
and the value cannot be modified.
|
| DomainList | String | No | [black:],example.com |
The domain blacklist or whitelist. Wildcard domains are supported. Separate domain names with commas (,). Valid values:
|
| PrinterRedirection | String | No | on |
The policy of the printer redirection. Valid values:
|
| PreemptLoginUser.N | RepeatList | No | Alice |
The user N that is allowed to log on to a cloud desktop that another user is logged on. The value is the username that you specify. You can specify up to five usernames. Note To improve user experience and ensure data security, multiple regular users are not
allowed to log on to the same cloud desktop.
|
| AuthorizeSecurityPolicyRule.N.Type | String | No | inflow |
The direction of security group rule N. Valid values:
|
| AuthorizeSecurityPolicyRule.N.Policy | String | No | accept |
The authorization policy of security group rule N. Valid values:
Default value: accept. |
| AuthorizeSecurityPolicyRule.N.PortRange | String | No | 22/22 |
The port range of security group rule N. The value of the port range is determined by the protocol type specified by the AuthorizeSecurityPolicyRule.N.IpProtocol parameter.
For more information about the common ports of typical applications, see Common ports. |
| AuthorizeSecurityPolicyRule.N.Description | String | No | test |
The description of security group rule N. |
| AuthorizeSecurityPolicyRule.N.IpProtocol | String | No | tcp |
The protocol type of security group rule N. Valid values:
|
| AuthorizeSecurityPolicyRule.N.Priority | String | No | 1 |
The priority of security group rule N. A smaller value indicates a higher priority. Valid values: 1 to 60. Default value: 1. |
| AuthorizeSecurityPolicyRule.N.CidrIp | String | No | 10.0.XX.XX/8 |
The object to which security group rule N applies. The value is an IPv4 CIDR block. |
| AuthorizeAccessPolicyRule.N.Description | String | No | test |
The description of the client IP address whitelist. |
| AuthorizeAccessPolicyRule.N.CidrIp | String | No | 10.0.XX.XX/8 |
The IPv4 CIDR block that can be accessed from the client. |
| ClientType.N.Status | String | No | ON |
Specifies whether client type N is allowed to log on to the cloud desktop. Valid values:
Note By default, if you do not set the ClientType-related parameters, all types of clients
are allowed to log on to cloud desktops.
|
| ClientType.N.ClientType | String | No | windows |
The client type N that is allowed to log on to cloud desktops. Valid values:
Note By default, if you do not set the ClientType-related parameters, all types of clients
are allowed to log on to cloud desktops.
|
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| PolicyGroupId | String | pg-gx2x1dhsmthe9**** |
The ID of the policy. |
| RequestId | String | 1CBAFFAB-B697-4049-A9B1-67E1FC5F**** |
The ID of the request. |
Examples
Sample requests
https://ecd.cn-hangzhou.aliyuncs.com/?Action=CreatePolicyGroup
&RegionId=cn-hangzhou
&<Common request parameters>
Sample success responses
XML format
<CreatePolicyGroupResponse>
<RequestId>1CBAFFAB-B697-4049-A9B1-67E1FC5F****</RequestId>
<PolicyGroupId>pg-gx2x1dhsmthe9****</PolicyGroupId>
</CreatePolicyGroupResponse>
JSON format
{
"CreatePolicyGroupResponse": {
"RequestId": "1CBAFFAB-B697-4049-A9B1-67E1FC5F****",
"PolicyGroupId": "pg-gx2x1dhsmthe9****"
}
}