Peripheral policies in Elastic Desktop Service (EDS) control how cloud computers access the disks and peripherals of local devices. Use these policies to set redirection modes, configure per-device access rules, and manage USB device allowlists and blocklists.
Web clients do not support USB redirection because they do not support USB devices. If your users connect through a web client, USB redirection settings have no effect. For USB redirection to work, users must connect through a Windows client or macOS client.
Use cases
Peripheral policies cover two scenarios:
-
Local disk access: Enable local disk mapping so cloud computers can read or write data on the disks of local devices.
-
Peripheral access: Configure redirection policies to specify which local peripherals cloud computers can access, and use a blacklist or whitelist for fine-grained control.
Redirection methods
EDS supports two USB redirection methods. Choose based on where the device driver is installed:
| Method | Driver location | Supported peripherals |
|---|---|---|
| USB Redirection | Installed on the cloud computer | ADB, Scanner |
| Device Redirection | Installed on the client | Webcam (ASP-based Windows cloud computers only) |
Deny disables peripheral access entirely. When USB Redirection is disabled globally, any peripheral previously set to USB Redirection automatically switches to Deny.
To set a peripheral to USB Redirection, first enable the USB Redirection toggle. When USB Redirection is disabled, any peripheral previously set to USB Redirection automatically switches to Deny.
Configuration reference
Peripheral connection guide
| Configuration item | Default | Description | Supported platforms |
|---|---|---|---|
| Peripheral Connection Guide | Enabled | When disabled, the terminal does not show the connection guide pop-up for connected peripherals. | Windows cloud computers only |
Peripherals and printers
| Configuration item | Default | Valid values | Supported platforms |
|---|---|---|---|
| Peripherals and Printers Shortcut | Shown | Show Shortcut / Hide Shortcut | Windows cloud computers only |
Local disk redirection
| Configuration item | Valid values | Description |
|---|---|---|
| Local Disk Mapping | Read-only | View and copy data on local disks from cloud computers. Write access is not allowed. |
| Read/Write | View, copy, and modify data on local disks from cloud computers. | |
| Close | No access to local disk data from cloud computers. |
Peripheral redirection
| Configuration item | Valid values | Limits |
|---|---|---|
| USB Redirection | Enable / Disable | Web clients are not supported. When disabled, all peripherals set to USB Redirection switch to Deny. |
| Webcam | USB Redirection / Device Redirection / Deny | ASP-based Windows cloud computers only. Only Device Redirection is supported. |
| Scanner | USB Redirection only | — |
| ADB | USB Redirection / Device Redirection / Deny | No limit. |
| Printer | — | Requires a Windows client or macOS client connection. |
| Serial Device | — | Windows cloud computers only. |
| Cloud Hub | Enable / Disable (disabled by default) | Requires local management software. When enabled, provides cloud-based peripheral services. |
Peripheral blacklist and whitelist
The blacklist and whitelist take precedence over the USB redirection policies configured for individual peripheral types.
-
Blacklist: Cloud computers can access USB devices on the blacklist, even if USB redirection is disabled for that device type.
-
Whitelist: Cloud computers cannot access USB devices on the whitelist, even if USB redirection is enabled for that device type.
Limits:
-
Up to 100 blacklist or whitelist rules.
-
Rule priorities are in descending order. Adjust the order of entries to change priority.
-
Vendor Identifiers (VIDs) and Product Identifiers (PIDs) are 4-bit hexadecimal strings, such as
a12c. -
Changes take effect the next time a client connects to the cloud computer.
Peripheral management policies
| Configuration item | Description | Limits |
|---|---|---|
| Custom Rules | Define custom redirection policies by VID and PID. | Up to 100 custom policies. VIDs and PIDs are 4-bit hexadecimal strings (e.g., a12c). Requires Alibaba Cloud Workspace terminal V6.4.0 or later. |
| Recommended Rule for Best Practice | EDS-recommended policies for best practices. | Read-only. Custom policies take precedence. Requires Alibaba Cloud Workspace terminal V6.4.0 or later. |