![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 59%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,541 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 31%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVK%3C/text%3E%3C/svg%3E)
Hi @Thaya
To restrict Azure ADLS SFTP access to a directory level for multiple users, you can create local users for each SFTP user and assign them specific permissions for the directories within a single container. You can have up to 1000 local users per storage account. You can add a local user by going to Settings, select SFTP, and then select Add local user. Walking through the prompts you will also be able to setup the user permissions for the storage containers. At this time permissions are only supported at the container level
- For example, if you have a container named
mycontainer, you might set the home directories as follows:- User1:
/mycontainer/user1 - User2:
/mycontainer/user2 - User3:
/mycontainer/user3 - User4:
/mycontainer/user4 - User5:
/mycontainer/user5
- User1:
You will need to set up the home directory for each local user to point to their respective directories within the container. This way, when they connect via SFTP, they will only have access to their designated directory. You can assign permissions such as Read, Write, List, and Delete to control what each user can do within their directory. SFTP support for Azure Blob Storage - Azure Storage | Microsoft Learn
- For User1, set ACLs on
/mycontainer/user1to allow:- Read (
r) - Write (
w) - List (
l) - Delete (
d) - Repeat this for each user, ensuring they only have permissions on their own directory
- Read (
Additionally, ensure that you grant the necessary Execute permissions to the root folder of the container and the hierarchy leading to the specific directories for each user. This will allow them to access their directories while restricting access to others.
- For example, you may need to set the following permissions:
-
/mycontainer: Execute (x) -
/mycontainer/user1: Read (r), Write (w), List (l), Delete (d) - Repeat for other user directories.
-
By following the above steps, you can effectively restrict Azure ADLS SFTP access to a directory level for multiple users within a single container. Each user will have their own home directory and specific permissions
Hope the above answer helps! Please let us know do you have any further queries.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.