Local Mount cloud connections
Overview
A Local Mount Cloud Connection allows you to write files to the local disk or to a mounted filesystem such as an EFS (Elastic File System) mount attached to your SFTP Gateway server.
This type of connection is useful when you need to:
- Store files directly on the local disk
- Write to network-attached storage (NAS)
- Use cloud-based file systems like AWS EFS, Azure Files, or Google Filestore
- Maintain files on shared storage accessible by multiple SFTP Gateway instances
In order to use a Local Mount Cloud Connection, you will need to map a Folder to it. A Folder is a logical mapping, similar to a mount point.
This article goes over how to create a new Local Mount Cloud Connection.
Warning for HA Deployments:
If you are running SFTP Gateway in a High Availability (HA) configuration with autoscaling, do not write to the local disk (e.g., paths under
/opt/sftpgw/that are not mounted from external storage). Local disk data will be lost when instances are terminated during autoscaling events.For HA deployments, always use a shared storage solution like AWS EFS, Azure Files, or Google Filestore mounted to the local filesystem.
Local Mount Cloud Connections
A Local Mount Cloud Connection defines a local directory path destination and its related settings.
Here is an example of a Local Mount Cloud Connection:
- Connection Name:
EFS Storage - Local Mount Path:
/mnt/efs/uploads
On the Settings tab under the Cloud Connections section, Click on Add New Connection ---> Local Mount and you will see this page:
Fill out the following fields:
Connection Name:
A name you define in order to refer to this Local Mount Cloud Connection.
Cloud Connection Notes:
Optional field for providing more context about this Local Mount Cloud Connection.
Local Mount Path:
Enter the absolute or relative path to the directory where files should be stored.
- Absolute path: Starts with
/(e.g.,/mnt/efs/uploadsor/data/sftp) - Relative path: Does not start with
/(e.g.,sftp_user/uploads)
If you specify a relative path, the application will automatically prepend /opt/sftpgw/ to create the full path.
Examples:
sftp_user/uploads→/opt/sftpgw/sftp_user/uploads/mnt/efs/data→/mnt/efs/data(used as-is)
File Permissions Requirements
IMPORTANT: For the SFTP Gateway application to successfully read from and write to the specified directory, both the target directory AND its parent directory must be owned by the sftpgw user and group.
For a relative path like sftp_user/uploads (which becomes /opt/sftpgw/sftp_user/uploads) no action is needed, since the /opt/sftpgw directory is already owned by the sftpgw user and group.
Setting Ownership
To set the correct ownership on a directory and its parent, run the following commands:
# Set ownership on the parent directory
sudo chown sftpgw:sftpgw /path/to/parent
# Set ownership on the target directory (recursive)
sudo chown -R sftpgw:sftpgw /path/to/parent/directory
Example for /mnt/efs/uploads:
# Set ownership on parent (/mnt/efs)
sudo chown sftpgw:sftpgw /mnt/efs
# Set ownership on target directory and all contents
sudo chown -R sftpgw:sftpgw /mnt/efs/uploads
Verifying Ownership
To verify the ownership is correct for both the parent and target directory:
ls -la /path/to/parent
You should see sftpgw listed as both the owner and group for the parent directory:
drwxr-xr-x 2 sftpgw sftpgw 4096 Nov 17 10:30 parent
Then check the target directory:
ls -la /path/to/parent/directory
Both directories should show:
drwxr-xr-x 2 sftpgw sftpgw 4096 Nov 17 10:30 directory
Note: If only the target directory is owned by
sftpgwbut the parent directory is not, you will still encounter permission errors when attempting to write files.
Monitoring Disk Usage
You can monitor the amount of data and number of files stored in your Local Mount Cloud Connection using the following commands:
Count the number of files:
find /path/to/directory -type f | wc -l
Count the total number of files and directories:
find /path/to/directory | wc -l
Check disk space usage (human-readable format):
du -sh /path/to/directory
Check disk space usage with breakdown by subdirectory:
du -h --max-depth=1 /path/to/directory
Check available disk space on the filesystem:
df -h /path/to/directory
List largest files in the directory:
find /path/to/directory -type f -exec du -h {} + | sort -rh | head -n 20
Common Use Cases
AWS EFS Mount
If you're using AWS EFS with SFTP Gateway in an HA configuration, you would:
- Mount EFS to a directory (e.g.,
/mnt/efs) - Set the ownership on parent:
sudo chown sftpgw:sftpgw /mnt/efs - Create the subdirectory:
sudo mkdir -p /mnt/efs/uploads - Set the ownership on target:
sudo chown -R sftpgw:sftpgw /mnt/efs/uploads - Create a Local Mount Cloud Connection with path:
/mnt/efs/uploads
Azure Files Mount
For Azure Files:
- Mount Azure Files to a directory (e.g.,
/mnt/azure-files) - Set the ownership on parent:
sudo chown sftpgw:sftpgw /mnt/azure-files - Create the subdirectory:
sudo mkdir -p /mnt/azure-files/data - Set the ownership on target:
sudo chown -R sftpgw:sftpgw /mnt/azure-files/data - Create a Local Mount Cloud Connection with path:
/mnt/azure-files/data
Google Filestore
For Google Filestore:
- Mount Filestore to a directory (e.g.,
/mnt/filestore) - Set the ownership on parent:
sudo chown sftpgw:sftpgw /mnt/filestore - Create the subdirectory:
sudo mkdir -p /mnt/filestore/sftp - Set the ownership on target:
sudo chown -R sftpgw:sftpgw /mnt/filestore/sftp - Create a Local Mount Cloud Connection with path:
/mnt/filestore/sftp
Troubleshooting
Permission Denied Errors:
If users receive permission denied errors when uploading files, verify:
- Both the target directory AND its parent directory exist
- The
sftpgwuser owns both the parent and target directories - Both directories have appropriate permissions (typically
755or775)
# Create directories if needed
sudo mkdir -p /path/to/parent/directory
# Set ownership on parent
sudo chown sftpgw:sftpgw /path/to/parent
# Set ownership on target directory
sudo chown -R sftpgw:sftpgw /path/to/parent/directory
# Set permissions
sudo chmod 755 /path/to/parent
sudo chmod 755 /path/to/parent/directory