Secure Desktops Tags

Apply tags to desktop images or desktop pools for use with Secure Desktops.

Adding Tags to Desktop Images

Add tags to desktop images for use with Secure Desktops.

To add tags:
  1. Open the navigation menu and click Compute. Under Compute, click Custom Images.
  2. Click your image.
  3. Click the Tags tab to view or edit the existing tags. Or click More Actions, and then click Add Tags to add new ones.

The tenancy administrator can apply the following tags:

Tag Key Tag Value Description
oci:desktops:is_desktop_image true Enables the image to be used by Secure Desktops to provision desktops. This tag is required.
oci:desktops:image_os_type Oracle Linux | Windows Specifies the operating system type for the image. This tag is required.
oci:desktops:image_version <version> Specifies a meaningful image <version> reference. This tag is optional.

Adding Tags to Desktop Pools

Add tags to desktop pools created in Secure Desktops.

To add tags when creating a desktop pool:
  1. During desktop pool creation, in the Secure Desktops administrator console, click Show tagging options.
  2. Select a Tag Namespace or accept the default (None - add a free-form tag).
  3. Enter a Tag Key and Tag Value.
  4. Click Add tag.
To add tags to an existing desktop pool:
  1. Open the navigation menu and click Compute. Under Secure Desktops, click Desktop Pools.
  2. Under List scope, select the compartment that contains the desktop pool.
  3. Click the desktop pool name.
  4. On the Desktop Pool Details page, do one of the following:
    • Click the Tags tab and then click Add tags.
    • Click More actions and select Add tags.
  5. Select a Tag Namespace or accept the default (None - add a free-form tag).
  6. Enter a Tag Key and Tag Value.
  7. Click Add tag.

The desktop administrator can apply the following tags:

Tag Key Tag Value Description
oci:desktops:dedicated_host_shape <dvh-shape>

Specifies a specific <dvh-shape> to use for your image to create desktops. This tag is optional.

For example, oci:desktops:dedicated_host_shape DVH.Standard2.52 specifies to use the DVH.Standard2.52 shape for the desktop pool and desktops created using this image.

oci:desktops:use_dedicated_host false

Disables default DVH provisioning for Windows 10/11 desktops. This is an option if your license agreement allows virtualizing Windows 10/11 desktops in a cloud environment.

This tag is optional. If this tag is not applied, DVH provisioning is enabled by default.

oci:desktops:enable_measured_boot true Enables Measured Boot, a requirement for Windows 11 shielded desktop instances.

Shielded instances use hardened security to defend against malicious boot level software.

Measured Boot enhances boot security by storing measurements of boot components, such as bootloaders, drivers, and operating systems.

Note:

  • This tag is immutable and can only be added during desktop pool creation.
  • To create shielded desktop instances, you must enable both Secure Boot and Measured Boot.
oci:desktops:enable_secure_boot true Enables Secure Boot, a requirement for Windows 11 shielded desktop instances.

Shielded instances use hardened security to defend against malicious boot level software.

Secure Boot is a Unified Extensible Firmware Interface (UEFI) feature that prevents unauthorized boot loaders and operating systems from booting.

Note:

  • This tag is immutable and can only be added during desktop pool creation.
  • To create shielded desktop instances, you must enable both Secure Boot and Measured Boot.
oci:desktops:hostname_prefix <prefix>

Specifies a custom hostname prefix for desktops in a desktop pool. This tag is optional.

For more information, see Setting the Hostname Prefix for a Desktop Pool.

oci:desktops:is_auth false Enables automatic provisioning of the default desktop user account and uses it by default. This is the default value for this tag. This tag is optional.
true

Disables automatic provisioning of the default desktop user account. Instead, defer to the image's authentication scheme.

This tag is optional. Use this tag if you want to specify your own user accounts integrated with Active Directory or another directory service using LDAP. See User Accounts.