Console
    Start free

    gcloud artifacts sbom load

    NAME
    gcloud artifacts sbom load - upload an SBOM file and create a reference occurrence
    SYNOPSIS
    gcloud artifacts sbom load --source = SOURCE --uri = ARTIFACT_URI [ --destination = DESTINATION ] [ --kms-key-version = KMS_KEY_VERSION ] [ --location = LOCATION ] [ GCLOUD_WIDE_FLAG ]
    DESCRIPTION
    Upload an SBOM file and create a reference occurrence.
    EXAMPLES
    To upload an SBOM file at /path/to/sbom.json for a Docker image in Artifact Registry: 
     gcloud  
artifacts  
sbom  
load  
 --source 
 = 
/path/to/sbom.json  
 --uri 
 = 
us-west1-docker.pkg.dev/my-project/my-repository/busy-box@sha256:abcxyz

    To upload an SBOM file at /path/to/sbom.json for a Docker image with a KMS key version to sign the created SBOM reference:

     gcloud  
artifacts  
sbom  
load  
 --source 
 = 
/path/to/sbom.json  
 --uri 
 = 
us-west1-docker.pkg.dev/my-project/my-repository/busy-box@sha256:abcxyz  
 --kms-key-version 
 = 
projects/my-project/locations/us-west1/keyRings/my-key-ring/cryptoKeys/my-key/cryptoKeyVersions/1

    To upload an SBOM file at /path/to/sbom.json for a Docker image from a Docker registry:

     gcloud  
artifacts  
sbom  
load  
 --source 
 = 
/path/to/sbom.json  
 --uri 
 = 
my-docker-registry/my-image@sha256:abcxyz  
 --destination 
 = 
gs://my-cloud-storage-bucket
    REQUIRED FLAGS
    --source = SOURCE
    The SBOM file for uploading.
    --uri = ARTIFACT_URI
    The URI of the artifact the SBOM is generated from. The URI can be a Docker image from any Docker registries. A URI provided with a tag (e.g. [IMAGE]:[TAG] ) will be resolved into a URI with a digest ( [IMAGE]@sha256:[DIGEST] ). When passing an image which is not from Artifact Registry or Container Registry with a tag, only public images can be resolved. Also, when passing an image which is not from Artifact Registry or Container Registry, the --destination flag is required.
    OPTIONAL FLAGS
    --destination = DESTINATION
    The storage path will be used to store the SBOM file. Currently only supports Cloud Storage paths start with 'gs://'.
    --kms-key-version = KMS_KEY_VERSION
    Cloud KMS key version to sign the SBOM reference. The key version provided should be the resource ID in the format of projects/[KEY_PROJECT_ID]/locations/[LOCATION]/keyRings/[RING_NAME]/cryptoKeys/[KEY_NAME]/cryptoKeyVersions/[KEY_VERSION] .
    --location = LOCATION
    If specified, all requests to Artifact Analysis for occurrences will go to location specified
    GCLOUD WIDE FLAGS
    These flags are available to all commands: --access-token-file , --account , --billing-project , --configuration , --flags-file , --flatten , --format , --help , --impersonate-service-account , --log-http , --project , --quiet , --trace-token , --user-output-enabled , --verbosity .

    Run $ gcloud help for details.
    Create a Mobile Website
    View Site in Mobile | Classic
    Share by: