SFTP on Azure
SFTP is a very widely used protocol which many organizations use today for transferring files within their organization or across organizations. Creating a VM based SFTP is costly and high-maintenance. In absence of a fully managed service, this template will be a good workaround for a cost-effective SFTP solution in Azure which is backed by durable persistent storage. ACI service is very inexpensive and requires very little maintenance, while data is stored in Azure Files which is a fully managed SMB service in cloud.
Key Value Prop
- Simple SFTP Creation
- Persistent and Durable Storage
- Cost efficient solution
- No VM maintenance overhead
- Fast to deploy
How-To create an on-demand SFTP Server with a new Azure Files persistent storage
How-To create an on-demand SFTP Server with an existing Azure Files persistent storage
This template demonstrates an on-demand SFTP server using Azure Container Instances (ACI). The template will generate two container groups:
- create-share-group is a container group that acts as an init container by generating the second container group and an Azure Storage account (based on the 101-aci-storage-file-share template)
- sftp-group is a container group with a mounted Azure File Share. The Azure File Share will provide persistent storage after the container is terminated.
Tags: Azure Container Instance, az-cli, sftp
Click the "Deploy to Azure" button at the beginning of this document or follow the instructions for command line deployment using the scripts in the root of this repository.
Fill in the information
Choose the subscription you want to create the sftp service in
Create a new Resource Group
It will automatically create a storage account of specified Redundancy
Give a File Share Name
Provide a SFTP user name
Provide a SFTP password
Click on I agree to terms and conditions above
Pin to the dashboard
Once deployed, connect Azure to the Filezilla client via the fully qualified domain name (FQDN) of the ACI container group named sftp-group and upload files.
‼️ ACI does not support static IPs for their container groups. Use the container group's FQDN for consistent network connectivity ‼️
After connecting to sftp-group's FQDN, these files should be placed into the Azure File Share. Once transfers are complete, manually stop the sftp-group to pause ACI's billing. The files will remain accessible. You can manually start sftp-group and to copy more files at anytime. If you choose to delete and redeploy sftp-group make sure to update the FQDN connection on Filezilla since this template randomly generates the FQDN during deployment time.
- Click on the container sftp-group
- Copy the FQDN from the container group
- Open Filezilla and open File Site Manager and enter the FQDN, username and password that was originally added during creation
- Upload a file
The file appears in your file share
Troubleshoot - Lost Password
Steps to Update Password
Selected the resource group and go to the SFTP server.
Click on the “ Export Template” icon.
Under “ EnvironmentVariables” changes could be made to the username and password.
Once changes are done redeploy it again.
Azure Container Instances is available in selected locations. Please use one of the available location for Azure Container Instances resource. The container image used by this template is hosted on Docker Hub. It is not affiliated with Microsoft in any way, and usage is at your own risk.