Hi @yildiray
Welcome to Microsoft Q&A, thanks for posting your query.
Access management for cloud resources is a critical function for any organization that is using the cloud. Azure role-based access control (Azure RBAC) helps you manage who has access to Azure resources.
Question 1:
Yes, you can restrict an Azure SFTP user to access only specific files in a container. To do this, you’ll need to use Azure Role-Based Access Control (RBAC) and configure Access Control Lists (ACLs) for the files in the container.
you can follow the steps below:
Assign the "Storage Blob Data Reader" role to the user at the storage account level to provide basic read access.
Then, configure ACLs for specific files by navigating to the container in the Azure portal, selecting a file, and setting permissions using Access Control Lists (ACLs). Grant read or write access only for that user on specific files and restrict access to other files by not assigning permissions.
Please follow the below documentation:
What is Azure role-based access control (Azure RBAC)? | Microsoft Learn
https://learn.microsoft.com/en-us/azure/storage/blobs/data-lake-storage-access-control#about-acls
Question 2:
To allow an SFTP user to access multiple containers and resolve the FileZilla issue, you can assign the "Storage Blob Data Contributor" role to the SFTP user for all the containers they need access to and set the Home Directory to "/" in Azure SFTP settings. This will allow them to access all containers directly from the root folder.
If you are facing issues with FileZilla, you can verify that you are using the correct SFTP connection details, such as hostname, username, and password.
FileZilla sometimes struggles with root-level access ("/") for Azure SFTP, so you can try specifying a direct container as the initial path (e.g., /containername) in FileZilla’s advanced settings.
For more information on how to set up Azure SFTP, you can follow the Microsoft documentation
Please feel free to contact if the issue persists, we will be glad to assist you closely. Please do consider clicking on "Accept Answer"
and "Up-vote"
on the post that helps you, as it can be beneficial to other community members.