Last updated: 2025-06-12 (UTC).

- This guide outlines the process of creating and storing a software bill of materials (SBOM) for container images in Artifact Registry. The SBOM lists the image's dependencies.
- SBOMs are generated using the Google Cloud CLI after container images are stored in Artifact Registry and scanned for vulnerabilities with Artifact Analysis. The generated SBOMs are stored in Cloud Storage.
- To manage Cloud Storage buckets and upload SBOM files, the Storage Admin IAM role is required. You also need to create a Docker repository in Artifact Registry and push a container image to it.
- The command `gcloud artifacts sbom export --uri=<URI>` generates an SBOM file, where the URI is the Artifact Registry image URI. The URI can be provided in either tag or digest format.
- It is possible to generate an SBOM without ongoing vulnerability scanning by enabling the Container Scanning API before pushing an image to Artifact Registry, then disabling it after the SBOM has been generated to prevent further vulnerability scanning charges.