LinkedIn
Copied!

Table of Contents

Pega Cloud SFTP service

The Pega Cloud® SFTP service provides Pega Cloud Services clients with simple, secure file transfers to and from their Pega Cloud applications.

The service securely exchanges files between your enterprise and your Pega applications that Pega Cloud Services runs, and uses the Pega Cloud File Storage repository for reliable and resilient storage.

Client must give a minimum advance notice of 5 business days for the request.

The Pega Cloud SFTP service provides the following features:

  • A secure service for file uploads and downloads to or from you Pega Cloud File Storage
  • Static IP addresses that do not change for the life of the service, eliminating the need for you to add a broad range of IP addresses to a list of allowed connections for the service
  • A separate SFTP server with a unique URL for each environment
  • Admin and, if requested, up to 10 additional standard-user credentials with unique file directories within Pega Cloud File Storage
  • Direct mapping of the Pega Cloud SFTP service to the Pega Cloud File Storage repository providing reliable, scalable file storage capacity. For more information, see Pega Cloud File Storage
  • Bulk data processing through file listeners in your Pega Cloud environment applications or by integrating with Pega Business Intelligence Exchange™ data extracts. The repository securely stores data until removal.

Client responsibilities

Client responsibilities include the following actions:

  • Installing an SFTP or SSH client of your choice to connect to the Pega SFTP Service.
  • Generating the public/private key pair for each user you want to create for the Pega SFTP Service using an SSH client of your choice.
  • Making a request by selecting New request in My Support Portal that includes the following information for each user you want to create and grant access to the SFTP service:
    • at least one public key to assign to the default admin user
    • a list of IP addresses or IP address ranges to add to an allow list for the Pega SFTP service
    • Optional: unique user names to assign to each additional user
    • Optional: unique name of the directories for each additional user
    • Optional: a public key for each additional user you want to access the service
    These details enable clients to authenticate and then connect to their Pega SFTP service through one or more users. For the latest documentation on making requests, see My Support Portal: New Design, Streamlined Features.
  • If using a static IP address, adding the static IP for the Pega SFTP server to an allow list through your enterprise firewall that Pega Cloud Services provides.
  • Client must give a minimum advance notice of 5 business days for the request.

Pegasystems Inc. responsibilities

Pegasystems Inc. responsibilities include the following actions:

  • Integrating the SFTP service with your environment
  • Authenticating the SFTP service using client-provided public keys
  • Providing the client with the following information to connect to the SFTP service:
    • Pega SFTP hostname
    • the top-level SFTP directory
    • the admin username (always sftp-user)
    • the admin key
    • Optional: additional usernames as requested by the client
    • Optional: a unique SFTP sub-directory for each username as requested by the client
    • Optional: a unique key associated with each additional user as requested by the client
    If you request only one user, that user will have admin privileges with access to the top-level directory of the SFTP folder in the Pega Cloud File Storage repository. The admin user does not need to specify an additional directory name.
  • Encrypting data in transit using SSH and data at rest using an environment-specific key
  • Deploying the SFTP service with client-provided public key & public IP(s) provided
  • If requested, providing the static IP address of the SFTP server for the client to add to a list of allowed connections

Connecting to the Pega Cloud SFTP service

After compiling a list of public IP addresses and generating a public/private key pair, complete the following actions:

  1. Log in to your My Support Portal account.
  2. Click New Request, and then select For Something I need to create a new request that includes the public key and IP addresses that are already added to an allow list in the body of the service request form.
    Clients must give a minimum advance notice of 5 business days for the request.
  3. The Pega Cloud Services team receives your service request then deploys the SFTP service.
  4. Pega Cloud Services sends a file containing the SFTP hostname, SFTP username, and folder URL used to access the SFTP service. Pega requires that the hostname and URL use the following format:

    <SFTP hostname>:<client name/designation>.<project>.<type of environment[dev-test, staging, production]>.sftp.pegacloud.net

  5. Configure your SFTP client or SSH shell using the hostname, SFTP username, and folder URL to interact with the Pega Cloud SFTP service. Any additional, non-admin-level users can only access their unique sub-directory in the admin account; the admin user can access to all the sub-directories of the standard users.

    Securely transfer data between your enterprise and your Pega applications running in Pega Cloud Services

Security standard

The Pega Cloud SFTP service security model supports multiple single-user access authentication using a private/public key pair. During client onboarding, Pega uses a client-provided public key to configure authentication to the service. All SFTP services in the subscription require an environment-specific key for Pega Cloud connectivity.

Data management considerations

Keep in mind the following file storage and data management guidelines:

  • File storage utilization: The Pega Cloud SFTP service uses available Pega Cloud File Storage space according to the allocation that is specified in your Pega Cloud Services subscription.
  • Data cleanup: You are responsible for managing your data files according to your enterprise best business practices by using the SFTP client of your choice.

To manage your files in the Pega Cloud File Storage repository, use the Repository API to interact with your files or configure a file listener to process your files. For details, see Pega Cloud File Storage.

Suggest Edit

100% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.