Azure Blob Strorage and Local Account SFTP Credentials

Raoul W 11

Hi,

According to the documentation we can create up to 1000 users for SFTP Blob access. However we can not find any api for creating these users or setting/changing the passwords.

This cant be right? Are we supposed to copy and paste the 1.000 users/password manually? And then mail them manually to the end users?

Thanks,

1 answer

Manu Philip 16,991 Reputation points MVP

2022-07-21T14:31:06.113+00:00
Multiple local user accounts and container-level permissions can be assigned to an SFTP for Azure Blob Storage. In-order to create the users and to manage the permissions, you can use Azure CLI.
Following is an example to create a local-user with two permission scopes and an ssh-authorized-key

az storage account local-user create --account-name {account-name} -g {resource-group} -n {username} --home-directory home --permission-scope permissions=r service=blob resource-name=container1 --permission-scope permissions=rw service=file resource-name=share2 --ssh-authorized-key key="ssh-rsa a2V5" --has-ssh-key true --has-ssh-password --has-shared-key false

More details are here: local-user
In-order to create 1000 users bulk, you can go for a bit automation to add all the users inside a csv file and run the cli script

----------

--please don't forget to upvote and Accept as answer if the reply is helpful--
Please sign in to rate this answer.
Raoul W 11 Reputation points

2022-07-25T13:29:54.387+00:00

@Manu Philip So we want to use local account not SSH and just generate or read the password so we can notify the user. Your script seems to target ssh keys. Is it possible to just geenrate a local user and provide or obtain the password?

Manu Philip 16,991 Reputation points MVP

2022-07-25T16:07:19.557+00:00

ssh key is not a mandatory parameter for user creation as indicated in the documentation I shared in my last post. That means you can create local user without an ssh key also

https://learn.microsoft.com/en-us/cli/azure/storage/account/local-user?view=azure-cli-latest#az-storage-account-local-user-create-optional-parameters

Raoul W 11 Reputation points

2022-07-29T10:38:28.917+00:00

Thanks for the link but in this info I still can nto find how to set or egt the Non-SSH password?

Manu Philip 16,991 Reputation points MVP

2022-07-29T16:56:06.737+00:00

I checked the procedure to create a local user in Azure CLI. Following two cli commands will help to create a local user and to set an ssh password. You can use the commands to setup bulk user creation. SSH password printed after running the second command can be passed to to the user to access the account

Here, I am creating a user test1 and setting the password for the user. As the feature is in preview, you should need to install the modules when prompted during running the command at first time

az storage account local-user create --account-name sftpmanu --name test1 --resource-group webapp --has-ssh-password true az storage account local-user regenerate-password --account-name sftpmanu --name test1 --resource-group webapp

----------

--please don't forget to upvote and Accept as answer if the reply is helpful--

Babar Khalid 1 Reputation point

2022-07-29T19:56:54.907+00:00

How can we get the user's password by a CLI command?

Manu Philip 16,991 Reputation points MVP

2022-07-29T21:44:00.85+00:00

The second command given in above answer will provide a password as below:
Sign in to comment

Share via

Azure Blob Strorage and Local Account SFTP Credentials

1 answer