Set up service accounts

Stay organized with collections Save and categorize content based on your preferences.

You require a service account to access the Assured Open Source Software (Assured OSS) repository and download packages. You also require the service account to access any of the Assured OSS APIs. It's recommended that you create a new service account to use exclusively for Assured OSS. However, you can also use an existing service account.

To learn how to set up service accounts, see Creating and managing service accounts.

To learn how to create a service account key, see Create and manage service account keys.

To learn about best practices for creating and managing service accounts, see Best practices for working with service accounts.

Get required permissions

After you set up the service account, share the email address for the service account (for example, SA_NAME@PROJECT_ID.iam.gserviceaccount.com) with the Assured OSS services team using a secure communication channel. The team grants the required permissions to access and download software packages and security metadata to the service account.

Learn more

Assured Open Source Software is part of the Software Delivery Shield solution. Software Delivery Shield is a fully-managed, end-to-end software supply chain security solution that helps you to improve the security posture of developer workflows and tools, software dependencies, CI/CD systems used to build and deploy your software, and runtime environments such as Google Kubernetes Engine and Cloud Run. To learn how you can use Assured Open Source Software with other components of Software Delivery Shield to improve the security posture of your software supply chain, see Software Delivery Shield overview.

What's next?