This has been a long awaited capability, being able to setup a serverless FTP.
Well, good news, you can now enabled SFTP (Secure FTP) access to your blob storage.
First thing first, you need to register the SFTP support for Azure Blob Storage provider by accessing the Preview features blade from your subscription
This feature is currently available only in the below regions, this means your storage account must resides in one of them:
- North Central US
- East US 2
- East US 2 EUAP
- Central US EUAP
- Canada East
- Canada Central
- North Europe
- Australia East
- Switzerland North
- Germany West Central
- East Asia
- France Central
When creating the storage account you need to enable the hierarchical namespace setting before being able to turn on SFTP
If you already have a storage account hosted in one of the supported region which already has the hierarchical namespace enabled you can enable SFTP on this existing account by accessing the SFTP blade under the Settings and use the Enable SFTP button
Once SFTP is enable, you can create user account to connect using SFTP by using the Add local user button
When adding a user you can define the authentication methods used (between SSH Password and/or SSH Key).
You can retrieve the corresponding authentication details once the user is created.
If you choose to enable SSH Key, you can either let Azure to generate a new key pair or use existing key.
Then you define the user permission on the container; if you don’t have yet a container created you can create one from there too.
As for any FTP service, you can also configure the home directory of the user
Once the user is created, you will be able to get the corresponding details of the authentication methods you have enabled
You can get the connection string using the Connection string field
If you need you can also regenerate the authentication secrets using the Regenerate option available under the Authentication field
That’s it, you are ready to use your Azure Blob storage as FTP (sorry SFTP) using your favourite SFTP client; you may be prompted to trust the remote host as the host key is not known yet