When you're working in Azure, there are several different ways to deploy applications, whether you're using Azure DevOps, GitHub Actions, or simply configuring deployments at an app service level. With app services, besides the authentication to Azure, you also have separate deployment authentication.
When you configure deployments for app services, it allows you to continuously deploy code to the app service. You don't have to set up a CICD pipeline or transition to any other platform. Instead, whenever you push code to a repository in, say, GitHub for example, the Azure app service will be automatically updated with the new code and deployment will take place in the background automatically.
To deploy to an Azure app service, you need permissions. In this guide, you will learn how to configure deployment credentials for an Azure app service.
To follow along with this guide, you will need the following:
When you think about deployments for any code, one of the things that may get overlooked in the beginning is security—security from an outbound perspective, but also inbound. When an app service is created, it can actually be done using anonymous access. That means virtually anyone, in the company or outside of the company, has the possibility of getting access and manipulating it in some way.
With deployment credentials, all of that is not an issue. You have the ability to set up a specific username and password that must be used for authentication in a deployment scenario.
Let's think about a real-world example. Perhaps you're working in a global organization, so there are many teams spread across the world. Because there are teams spread across the world, teams may be working on different pieces of code in each time zone. Instead of having to wake someone up at 2:00 AM to deploy, you have deployment credentials that are shared with contributors to the project. That way, there isn't a single point of failure on any one team or any one person.
Before configuring credentials for an app service, the app service needs to exist. In this section, you'll take a look at an easy way to configure an app service using Azure CLI.
az appservice plan create -g your_resource_group_name -n pluralsightappserviceplan
az webapp create -g your_resource_group_name -p pluralsightappserviceplan -n pluralsightapp92
Once you run the Azure CLI commands, you will see a newly created Azure app service in the Azure portal.
There are two ways of configuring deployment credentials. The first is by using the Azure CLI. This will give you the ability to automate the process so you don't have to worry about manually accessing the UI.
If you'd like to access the UI to configure deployment credentials, or just do it once so you can understand the process from a manual perspective, you can do that as well. That will be the second way shown.
az webapp deployment user set --user-name pluralsightapp --password Test123!@#
Of course, you'll want to set a password that is best suited for the environment you're in.
Now that you know how to create credentials automatically, let's see how to do it from the Azure portal.
Congrats! You have successfully set up deployment credentials for Azure app services.
When you're working with any application, you want to ensure the correct people and departments have the ability to deploy code to it. If there's only one person or one department that has the ability to deploy, chances are the departments are siloed and there is a single point of failure.
In this guide, you learned how to not only create a new app service and app service plan, but ensure that the appropriate users have access to the app service to deploy code.