为 Azure 应用服务配置部署凭据Configure deployment credentials for Azure App Service

Azure 应用服务支持两种类型的凭据,这些凭据适用于本地 GIT 部署FTP/S 部署Azure App Service supports two types of credentials for local Git deployment and FTP/S deployment. 这些凭据与 Azure 订阅凭据不同。These credentials are not the same as your Azure subscription credentials.

  • 用户级凭据:一组适用于整个 Azure 帐户的凭据。User-level credentials: one set of credentials for the entire Azure account. 在任何订阅中,它均可用于为 Azure 帐户有权访问的任何应用部署应用服务。It can be used to deploy to App Service for any app, in any subscription, that the Azure account has permission to access. 这是在门户 GUI(例如应用的资源页的“概览”和“属性”)中呈现的默认组。 It's the default set that's surfaced in the portal GUI (such as the Overview and Properties of the app's resource page). 当通过基于角色的访问控制 (RBAC) 或共同管理员权限授予用户应用访问权限时,该用户便可使用其自己的用户级别凭据直到被撤销访问权限。When a user is granted app access via Role-Based Access Control (RBAC) or coadmin permissions, that user can use their own user-level credentials until the access is revoked. 请勿与其他 Azure 用户共享这些凭据。Do not share these credentials with other Azure users.

  • 应用级凭据:用于每个应用的一组凭据。App-level credentials: one set of credentials for each app. 只能使用它部署到该应用。It can be used to deploy to that app only. 每个应用的凭据在其创建时自动生成。The credentials for each app are generated automatically at app creation. 这些凭据不能手动进行配置,但可随时进行重置。They can't be configured manually, but can be reset anytime. 如果要通过 (RBAC) 授予用户访问应用级别凭据的权限,该用户必须是应用的参与者或更高级别身份。For a user to be granted access to app-level credentials via (RBAC), that user must be contributor or higher on the app. 读者不可进行发布,因此无法访问这些凭据。Readers are not allowed to publish, and can't access those credentials.

配置用户级凭据Configure user-level credentials

可以在任何应用的资源页面中配置用户级凭据。You can configure your user-level credentials in any app's resource page. 无论在哪个应用中配置这些凭据,这些凭据都适用于 Azure 帐户中的所有应用和所有订阅。Regardless in which app you configure these credentials, it applies to all apps and for all subscriptions in your Azure account.

在 Azure CLI 中In the Azure CLI

若要在 Azure CLI 中配置部署用户,请运行 az webapp deployment user set 命令。To configure the deployment user in the Azure CLI, run the az webapp deployment user set command. 将 <username> 和 <password> 替换为部署用户名和密码。Replace <username> and <password> with a deployment user username and password.

  • 用户名必须在 Azure 中唯一,并且对于本地 Git 推送,不能包含“@”符号。The username must be unique within Azure, and for local Git pushes, must not contain the �@� symbol.
  • 密码必须至少为 8 个字符,且具有字母、数字和符号这三种元素中的两种。The password must be at least eight characters long, with two of the following three elements: letters, numbers, and symbols.
az webapp deployment user set --user-name <username> --password <password>

JSON 输出会将该密码显示为 nullThe JSON output shows the password as null. 如果收到 'Conflict'. Details: 409 错误,请更改用户名。If you get a 'Conflict'. Details: 409 error, change the username. 如果收到 'Bad Request'. Details: 400 错误,请使用更强的密码。If you get a 'Bad Request'. Details: 400 error, use a stronger password.

在门户中In the portal

在 Azure 门户中,用户必须至少有一个应用,才能访问“部署凭据”页。In the Azure portal, you must have at least one app before you can access the deployment credentials page. 若要配置用户级凭据,请执行以下操作:To configure your user-level credentials:

  1. Azure 门户中,从左侧菜单中选择“应用程序服务” > “<any_app>” > “部署中心” > “FTP” > “仪表板” 。In the Azure portal, from the left menu, select App Services > <any_app> > Deployment center > FTP > Dashboard.

    或者,如果已配置了 Git 部署,请选择“应用程序服务” > “<any_app>” > “部署中心” > “FTP/凭据” 。Or, if you've already configured Git deployment, select App Services > <any_app> > Deployment center > FTP/Credentials.

  2. 选择“用户凭据”,配置用户名和密码,然后选择“保存凭据” 。Select User Credentials, configure the user name and password, and then select Save Credentials.

设置部署凭据后,可以在应用的“概述” 页中找到 Git 部署用户名,Once you have set your deployment credentials, you can find the Git deployment username in your app's Overview page,

如果配置了 Git 部署,则该页显示 Git/部署用户名;否则,显示 FTP/部署用户名If Git deployment is configured, the page shows a Git/deployment username; otherwise, an FTP/deployment username.

Note

Azure 不会显示用户级部署密码。Azure does not show your user-level deployment password. 如果忘记密码,可以按照本部分的步骤重置凭据。If you forget the password, you can reset your credentials by following the steps in this section.

将用户级凭据用于 FTP/FTPSUse user-level credentials with FTP/FTPS

使用用户级凭据向 FTP/FTPS 终结点进行身份验证时需要使用以下格式的用户名:<app-name>\<user-name>Authenticating to an FTP/FTPS endpoint using user-level credentials requirers a username in the following format: <app-name>\<user-name>

由于用户级凭据链接到用户而不是特定资源,因此用户名必须采用此格式才能将登录操作定向到正确的应用终结点。Since user-level credentials are linked to the user and not a specific resource, the username must be in this format to direct the sign-in action to the right app endpoint.

设置和重置应用级凭据Get and reset app-level credentials

若要获取应用级凭据,请执行以下操作:To get the app-level credentials:

  1. Azure 门户中,从左侧菜单中选择“应用程序服务” > “<any_app>” > “部署中心” > “FTP/凭据” 。In the Azure portal, from the left menu, select App Services > <any_app> > Deployment center > FTP/Credentials.

  2. 选择“应用凭据”,然后选择“复制”链接以复制用户名或密码 。Select App Credentials, and select the Copy link to copy the username or password.

若要重置应用级别凭据,请选择相同对话框中的“重置凭据” 。To reset the app-level credentials, select Reset Credentials in the same dialog.

后续步骤Next steps

了解如何使用这些凭据通过本地 GitFTP/S 部署应用。Find out how to use these credentials to deploy your app from local Git or using FTP/S.