Share via

How to create a gateway for external sftp connections

Lakkaks 20 Reputation points
2023-03-09T08:33:01.07+00:00

Okay, I am fairly new to what I am about to explain. One of our clients provided us a sftp that allows connections only from whitelisted IPs. My apps (publicly hosted in Azure, not inside VNet) need to connect to this sftp. Sometimes, we also need to connect to this sftp manually to quickly check the files there.

I am thinking of creating a gateway that can route connections to this server using one static IP. So, the Apps and the Users can use this gateway as host while connecting.

But I am not sure which Azure service to use here. It goes without saying I have searched enough on the internet to see if anyone has ever dealt with this kind of requirement, but nothing. I am starting to doubt if this approach is feasible?

Any help here would be highly appreciated. Thanks!

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,639 questions
0 comments
Accepted answer
  1. Andreas Hartig 121 Reputation points
    2023-03-09T09:09:14.7733333+00:00

    Hi Lakkaks,

    before modifying your applications, I would consider creating a more detailed plan about what you need and how to achieve it.

    My first two questions would be, about how difficult it would be to have your application whitelisted by their existing IP. Maybe that is simpler to your relatively low number off apps than adding a new feature to have less IPs?

    If you want to scale and also use this as a manual process, I would consider using Azure automation or an existing marketplace solution. A process with scale could be to have your apps drop the files in a pre-defined location (storage account) you can control and than have Azure automation check for new files and transfer them.

    SFTP - SSH connector: https://learn.microsoft.com/en-us/connectors/sftpwithssh/

    SFTP in Azure Logic Apps: https://learn.microsoft.com/en-us/azure/connectors/connectors-sftp-ssh?tabs=consumption

    Azure Automation: https://learn.microsoft.com/en-us/azure/automation/overview

    SSH to storage account: https://learn.microsoft.com/en-us/azure/storage/blobs/secure-file-transfer-protocol-support-how-to?tabs=azure-portal

    You can also check the Azure marketplace and identify an existing solution by using new resource and search for sftp, I would see a few fitting solutions. Maybe use them initially while you learn and replace them later (or enjoy a SaaS aspect).

    Examples that might fit:
    https://github.com/drakkan/sftpgo
    https://help.thorntech.com/docs/sftp-gateway-azure/azure-file-storage-mount/

    Both offers do have a solution in the marketplace like "SFTPGo - SFTP, HTTP/S, FTP/S to Azure Blob Storage" or "

    SFTP Gateway for Azure - SFTP to Blob storage".

    Regards,

    Andreas

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest