Setting up an Instance Identity for SFTP Gateway
Overview
This article explains how to set up SFTP Gateway v3 with a System-Assigned Managed Identity for connecting to Blob Storage Containers and Azure File Shares. Cloud Connections can then use this Identity instead of a hard-coded Connection String or Key.
Step 1
On the overview page of your VM, under Security go to Identity.
You will see two tabs:
- System assigned
- User assigned
It will default to System assigned, which is what you want.
Set the Status to On and click Save at the top.
Under Permissions, click Azure role assignments.
Step 2
Click Add role assignment (Preview).
This will open a modal window.
Under Scope, select Storage.
Under Subscription, select the subscription you are currently under.
Under Resource, select the Storage Account your container is located in.
Under Role, select Storage Blob Data Contributor for permissions to Blob Storage. Select the Storage File Data Privileged Contributor role for permission to your Azure File Share.
After you have properly configured your Role Assignment, press Create.
Note: If your account does not have the proper permissions, you may not be able to create Role Assignments.
Once you log into the Web Admin UI, you will now be able to use instance identity for your Cloud Connection Credentials.
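To confirm the result of Steps 1 and 2, the following added example (not part of the original article or the SFTP Gateway product) audits the identity's role assignments for least privilege. It assumes input shaped like the JSON from `az role assignment list --assignee <principal-id> --all -o json`; the function name `audit_assignments` is hypothetical, and all IDs and resource names are constructed placeholders.

```python
# Roles this article assigns for Blob Storage and Azure File Shares.
EXPECTED_ROLES = {
    "Storage Blob Data Contributor",
    "Storage File Data Privileged Contributor",
}

def audit_assignments(assignments, principal_id, account_scope):
    """Return (granted, findings) for one managed identity.

    granted:  expected roles held at or below the storage account scope.
    findings: roles the article does not call for, or expected roles
              granted outside the storage account (e.g. subscription-wide).
    """
    account_scope = account_scope.rstrip("/").lower()  # ARM IDs are case-insensitive
    granted, findings = set(), []
    for a in assignments:
        if a["principalId"] != principal_id:
            continue  # assignment belongs to some other identity
        role, scope = a["roleDefinitionName"], a["scope"].rstrip("/").lower()
        # Match the account itself or a child (container, share), not a name prefix.
        inside = scope == account_scope or scope.startswith(account_scope + "/")
        if role not in EXPECTED_ROLES:
            findings.append(f"unexpected role '{role}' at {a['scope']}")
        elif not inside:
            findings.append(f"'{role}' scoped outside the storage account: {a['scope']}")
        else:
            granted.add(role)
    return granted, findings

# Constructed sample data: placeholder IDs and names, not real resources.
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"
ACCOUNT = SUB + "/resourceGroups/rg-example/providers/Microsoft.Storage/storageAccounts/examplestorage"
VM_ID = "11111111-1111-1111-1111-111111111111"
SAMPLE = [
    {"principalId": VM_ID, "roleDefinitionName": "Storage Blob Data Contributor", "scope": ACCOUNT},
    {"principalId": VM_ID, "roleDefinitionName": "Storage File Data Privileged Contributor", "scope": SUB},
    {"principalId": VM_ID, "roleDefinitionName": "Contributor", "scope": SUB + "/resourceGroups/rg-example"},
    {"principalId": "22222222-2222-2222-2222-222222222222", "roleDefinitionName": "Owner", "scope": SUB},
]

if __name__ == "__main__":
    granted, findings = audit_assignments(SAMPLE, VM_ID, ACCOUNT)
    print("granted at account scope:", sorted(granted))
    for f in findings:
        print("FINDING:", f)
```

An empty findings list with both roles you need in `granted` means the identity has exactly the access Step 2 describes and nothing broader.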