Last updated (UTC): 2025-03-26.

- This guide outlines how to create and store a software bill of materials (SBOM) for container images in Artifact Registry. The SBOM lists the image's dependencies.
- SBOMs are generated with the Google Cloud CLI after container images are stored in Artifact Registry and scanned for vulnerabilities with Artifact Analysis. The generated SBOMs are stored in Cloud Storage.
- Managing Cloud Storage buckets and uploading SBOM files requires the Storage Admin IAM role. You also need to create a Docker repository in Artifact Registry and push a container image to it.
- The command `gcloud artifacts sbom export --uri=<URI>` generates an SBOM file, where the URI is the Artifact Registry image URI. The URI can be provided in either tag or digest format.
- It is possible to generate an SBOM without ongoing vulnerability scanning: enable the Container Scanning API before pushing an image to Artifact Registry, then disable it after the SBOM has been generated to prevent further vulnerability scanning charges.