In AzureStorageAccount SFTP users' limit

単ルイ(Shan Rui) 130 Reputation points
2023-07-20T08:56:09.85+00:00

Is there an upper limit to the number of SFTP users?

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,361 questions
Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
3,068 questions
{count} votes

Accepted answer
  1. Sumarigo-MSFT 47,476 Reputation points Microsoft Employee
    2023-07-21T04:41:27.44+00:00

    @単ルイ(Shan Rui) Adding more information to the above response!

    Correct, our publicly documented limit is 1000 per storage account. We are working on increasing more, It will available very soon, Presently I don't have any ETA for now.

    • Can the generated SAS restrict access to only a specific container In the AzureStorageAccount?

    Yes, the best option would using through Storage explorer tool generate the SAS to specific container.User's image

    • Create a stored access policy for a service SAS. Stored access policies give you the option to revoke permissions for a service SAS without having to regenerate the storage account keys. Set the expiration on these very far in the future (or infinite) and make sure it's regularly updated to move it farther into the future. There is a limit of five stored access policies per container.
    • The SAS token is a string that you generate on the client side, for example by using one of the Azure Storage client libraries. The SAS token is not tracked by Azure Storage in any way. You can create an unlimited number of SAS tokens on the client side. After you create a SAS, you can distribute it to client applications that require access to resources in your storage account.
    • Configure a SAS expiration policy for the storage account. Best practices recommend that you limit the interval for a SAS in case it is compromised. By setting a SAS expiration policy for your storage accounts, you can provide a recommended upper expiration limit when a user creates a service SAS or an account SAS. For more information, see Create an expiration policy for shared access signatures.

    Please let us know if you have any further queries. I’m happy to assist you further.


    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. Tech-Hyd-1989 5,811 Reputation points
    2023-07-20T09:12:30.5933333+00:00

    Hello 単ルイ(Shan Rui)

    Yes, there is an upper limit to the number of SFTP users in Azure. The maximum number of SFTP users that you can have for a storage account is 1000. If you need more than 1000 SFTP users, you can create multiple storage accounts.

    Here are some additional considerations for the number of SFTP users:

    • The number of SFTP users that you can have for a storage account is limited by the number of cores that the storage account has.
    • The number of SFTP users that you can have for a storage account is also limited by the amount of bandwidth that the storage account has.

    If you are planning to have a large number of SFTP users, you should make sure that your storage account has enough cores and bandwidth to support them.

    Here are some of the limitations of SFTP in Azure:

    • SFTP is not a fully managed service in Azure. This means that you are responsible for managing the security of your SFTP server.
    • SFTP is not as scalable as some other file transfer protocols. This is because SFTP is a point-to-point protocol.
    • SFTP can be slower than some other file transfer protocols. This is because SFTP uses encryption, which can add overhead to the file transfer process.

    If you are looking for a more scalable and secure file transfer protocol, you may want to consider using a different protocol, such as Azure Files.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.