Contact UsGet started

Getting started with Yandex Cloud Desktop

Written by
Updated at March 31, 2025

Note

This guide contains information on how to create and set up a desktop group. If you received a link to the user desktop showcase from an administrator, go to Get connection credentials.

Cloud Desktop is a service to manage virtual Linux-based desktop infrastructure.

Create a Yandex Cloud Organization user group and deploy a Cloud Desktop desktop group for it:

  1. Prepare your cloud environment.
  2. Create a user group.
  3. Deploy a desktop group.
  4. Configure an ACL for the desktop group.
  5. Create a desktop.
  6. Get the connection credentials.
  7. Connect to the desktop.

Getting started

  1. Log in or sign up to the management console. If not signed up yet, navigate to the management console and follow the on-screen instructions.

  2. On the Billing page, make sure you have a billing account linked and its status is ACTIVE or TRIAL_ACTIVE. If you do not have a billing account yet, create one.

  3. If you do not have a folder yet, create one.

  4. Assign these minimum roles to your Yandex Cloud account:

    If you have a primitive admin role for a folder, you do not need to assign any additional roles.

    Note

    If you are unable to manage roles, contact your cloud or organization administrator.

  5. To make sure your desktops have access to the internet, set up a NAT gateway for the subnets that will host them.

Create a user group

  1. Log in to Yandex Cloud Organization using an administrator or organization owner account.

  2. In the left-hand panel, select Groups.

  3. In the top-right corner of the page, click Create group.

  4. Enter a name and description for the group.

    The name must be unique within the organization and follow the naming requirements:

    • It must be from 1 to 63 characters long.
    • It may contain lowercase Latin letters, numbers, and hyphens.
    • It must start with a letter and cannot end with a hyphen.

  5. Click Create group.

  6. On the page that opens, go to the Members tab and click Add member.

  7. In the window than opens, select the users to deploy a desktop group for.

  8. Click Save.

Deploy a desktop group

  1. In the management console, select the folder to create your desktop group in.
  2. In the list of services, select Cloud Desktop.
  3. Click Create desktop group.
  4. Enter a name for the desktop group.
  5. Select Ubuntu 20.04 LTS for the OS image.
  6. Under Disks:
    • Select SSD for the boot and working disk types.
    • Set the boot disk size to 60 GB.
    • Set the working disk size to 4 GB.
  7. Under Computing resources:
  8. Under Network settings, select the cloud network and subnets to host desktops.
  9. Click Create.

Configure an ACL for the desktop group

Cloud Desktop leverages Yandex Identity and Access Management roles and access control lists (ACL) to manage access. This example shows how access control works in Cloud Desktop.

  1. To the right of the desktop group created earlier, click and select Configure ACL.
  2. In the ACL editing window that appears, select the user group you created earlier, specify the vdi.viewer role for it, and click Add.
  3. Click Save.

Create a desktop

  1. In the left-hand panel, select Desktops.

  2. Click Create desktop.

  3. Select the desktop group you created earlier.

  4. Specify the subnet the desktop will be in.

    Note

    To provide your desktop with internet access, make sure to configure a NAT gateway in the subnet.

  5. Specify the user that the desktop is created for.

  6. Click Create.

Get the connection credentials

  1. In the management console, select the folder containing your desktop.
  2. In the list of services, select Cloud Desktop.
  3. In the left-hand panel, select Desktops.
  4. Select the desktop to connect to.
  5. Under Desktop user, next to the user account, click and select Reset password.
  6. Confirm the password reset.
  7. Save a new password from the pop-up window and close it.
  8. At the top right, click Download RDP file.

  1. Open the User desktop showcase.

  2. Authenticate with your Yandex ID or Single Sign-On (SSO).

  3. If the desktop you want to connect to has the Stopped status, run it by clicking and confirm the action.

    Wait for the desktop status to change to Active.

  4. Click and confirm the password reset.

  5. Save a new password from the pop-up window and close it.

  6. Click Download RDP file.

If you do not have the Yandex Cloud CLI yet, install and initialize it.

The folder specified in the CLI profile is used by default. You can specify a different folder through the --folder-name or --folder-id parameter.

  1. See the description of the CLI command to get RDP file data:

    yc desktops desktop get-rdp-file --help

  2. Get a list of desktops in the default folder:

    yc desktops desktop list

    Result:

    +----------------------+------------------+--------+----------------------+---------------------+
|          ID          |       NAME       | STATUS |   DESKTOP GROUP ID   |   CREATED (UTC-0)   |
+----------------------+------------------+--------+----------------------+---------------------+
| e3vmvhgbgac4******** | my-cloud-desktop | ACTIVE | e3v1rbln45tl******** | 2024-10-09 22:42:28 |
| e3vio1bc5ppz******** | reserved-desktop | ACTIVE | e3v1rbln45tl******** | 2024-10-09 21:35:17 |
+----------------------+------------------+--------+----------------------+---------------------+

  3. Select the ID or NAME of the desktop you need, e.g., my-cloud-desktop.

  4. Reset the desktop user password.

  5. Request the data:

    yc desktops desktop get-rdp-file --name <desktop_name>

    Result:

    full address:s:my-cloud-desktop
gatewayhostname:s:rdg.vdi.cloud.yandex.net:3839
gatewaycredentialssource:i:5
gatewayusagemethod:i:1
gatewayprofileusagemethod:i:1
gatewayaccesstoken:s:ver=1;desktopUserToken=0174a9f2-...V6DQ
networkautodetect:i:0
bandwidthautodetect:i:1
connection type:i:6
username:s:.\alice-little
domain:s:
bitmapcachesize:i:32000
smart sizing:i:1
audiocapturemode:i:1
audiomode:i:0
authentication level:i:0

  6. Save the resulting data to a file with the .rdp extension.

Use the getRdpFile REST API method for the Desktop resource or the DesktopService/GetRdpFile gRPC API call.

To reset the password, use the resetPassword REST API method for the Desktop resource or the DesktopService/ResetPassword gRPC API call.

Connect to the desktop

To establish a desktop connection, use the Remote Desktop Protocol (RDP).

  1. Right-click the downloaded RDP file and select Edit (in Windows 11, select Show more optionsEdit).
  2. In the Remote Desktop Connection window, the General tab, select Allow me to save credentials and click Connect.
  3. In the security window, select Don't ask me again for connections to this computer and click Yes.
  4. Enter the previously saved password, select Remember me, and click OK.

To reconnect to the desktop, run the RDP file you saved.

  1. Install and run Microsoft Remote Desktop, an official free RDP client for macOS.
  2. Open the Connections menu amd click Import from RDP file.
  3. In the window that opens, select the downloaded RDP file and click Import.
  4. Open the Microsoft Remote Desktop menu and select Settings.
  5. In the window that opens, go to the User Accounts tab.
  6. In the list of accounts on the left, select the account to connect and paste the previously saved password into the Password field.
  7. Close the settings window.
  8. In the PCs tab, run the desktop added.
  9. In the security window, click Continue.

To reconnect to the desktop, run it in the Microsoft Remote Desktop client in the PCs tab. In the security window, click Continue.

See also

  1. Install Remmina, a free RDP client for Linux. Run the following commands in the terminal:

    sudo apt-add-repository ppa:remmina-ppa-team/remmina-next
sudo apt-get update
sudo apt-get install remmina remmina-plugin-rdp

  2. Start Remmina.

  3. In the top menu, click and select Import. Run the downloaded RDP file and click Import.

  4. Right-click the added desktop and select Edit.

  5. In the Remote Connection Profile window, set up the connection:

    • In the Username field, remove the first two characters: .\.
    • In the Password field, type the previously saved password.

  6. Click Save and Connect.

To reconnect to the desktop, run it in the Remmina client.

See also

Next
All guides