John Savill's Technical Training walks through how SFTP on Azure Storage can use Microsoft Entra ID for authentication, including a demo and practical notes on token lifetime and data-plane authorization (RBAC/ABAC).

Entra ID Integrated SFTP

This video explains how to use SFTP with Azure Storage and authenticate using Microsoft Entra ID instead of relying on local users. It includes a demo and covers key identity/token and authorization concepts relevant to securing SFTP access.

Chapters (from the video)

• 00:00 – Introduction
• 00:32 – Using SFTP
• 03:22 – Local user challenges
• 05:04 – Entra ID integrated auth
• 07:34 – Demo time
• 12:44 – Token lifetime
• 13:39 – Data plane RBAC and ABAC
• 15:07 – Summary
• 15:43 – Close

What the video focuses on

Using SFTP on Azure Storage

• Covers using SFTP against Azure Storage (Blob Storage).
• Highlights operational and security challenges when using local users for SFTP.

Microsoft Entra ID integrated authentication

• Explains the approach for integrating Entra ID authentication with SFTP.
• Demonstrates the setup in a hands-on demo section.

Token lifetime

• Discusses token lifetime considerations and how that impacts SFTP access/authentication behavior.

Data plane authorization: RBAC and ABAC

• Covers authorization controls on the data plane:
  • RBAC (Role-Based Access Control)
  • ABAC (Attribute-Based Access Control)

References (from the description)

• Whiteboard diagram: https://github.com/johnthebrit/RandomStuff/raw/master/Whiteboards/EntraIDSFTP.png
• Microsoft Learn documentation (SFTP Entra ID based access): https://learn.microsoft.com/azure/storage/blobs/secure-file-transfer-protocol-support-entra-id-based-access?tabs=azurecli

Additional links (channel resources)

• Azure learning path: https://learn.onboardtoazure.com
• Certification repository: https://github.com/johnthebrit/CertificationMaterials
• Weekly Azure Update playlist: https://youtube.com/playlist?list=PLlVtbbG169nEv7jSfOVmQGRp9wAoAM0Ks
• Azure Master Class playlist: https://youtube.com/playlist?list=PLlVtbbG169nGccbp8VSpAozu3w9xSQJoY
• DevOps Master Class playlist: https://youtube.com/playlist?list=PLlVtbbG169nFr8RzQ4GIxUEznpNR53ERq
• PowerShell Master Class playlist: https://youtube.com/playlist?list=PLlVtbbG169nFq_hR7FcMYg32xsSAObuq8
• Certification Cram playlist: https://youtube.com/playlist?list=PLlVtbbG169nHz2qfLvPsAz9CnnXofhmcA
• Mentoring playlist: https://youtube.com/playlist?list=PLlVtbbG169nGHxNkSWB0PjzZHwZ0BkXZZ
• FAQ: https://savilltech.com/faq
• Store: https://johns-t-shirts-store.creator-spring.com/