[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-09-04 UTC。"],[],[],null,["# Enable services\n\nThis document describes how to enable APIs for products and features that\nhelp to protect your software supply chain.\n\nTo collect and view software supply chain insights, you must enable the\nfollowing APIs:\n\n- Artifact Analysis API to store metadata that other Google Cloud services generate and use.\n- Container Scanning API to scan container images stored in Artifact Registry for vulnerabilities and other metadata. Enabling this API automatically enables the Artifact Analysis API.\n- Artifact Registry to store your build artifacts.\n- Cloud Build to generate build provenance metadata.\n- (GKE only) Container Security API to scan running workloads for OS vulnerabilities.\n\nYou must run the Container Scanning API in the same Google Cloud\nproject as Artifact Registry. You can run other Google Cloud services that use\nthe registry in separate projects.\n\nEnable APIs required for insights\n---------------------------------\n\nTo enable APIs required to generate and view insights: \n\n### Console\n\n**Use all services in the same project**\n\nEnable the required APIs together.\n\n\n[Enable the APIs](https://console.cloud.google.com/flows/enableapi?apiid=containerscanning.googleapis.com,cloudbuild.googleapis.com,artifactregistry.googleapis.com,containersecurity.googleapis.com)\n\n\u003cbr /\u003e\n\n**Use separate projects**\n\n1. Enable Container Scanning and Artifact Registry in the project where you want\n to run Artifact Registry.\n\n\n [Enable the APIs](https://console.cloud.google.com/flows/enableapi?apiid=containerscanning.googleapis.com,artifactregistry.googleapis.com)\n\n \u003cbr /\u003e\n\n2. Enable the Cloud Build API in projects where you are running\n Cloud Build.\n\n [Enable Cloud Build](https://console.cloud.google.com/flows/enableapi?apiid=cloudbuild.googleapis.com)\n3. Enable the Container Security API in projects where you are running\n GKE.\n\n [Enable Container Security](https://console.cloud.google.com/flows/enableapi?apiid=containersecurity.googleapis.com)\n\n### Google Cloud CLI\n\n**Use all services in the same project**\n\nEnable the required APIs together. \n\n gcloud services enable containerscanning.googleapis.com \\\n cloudbuild.googleapis.com \\\n artifactregistry.googleapis.com \\\n containersecurity.googleapis.com\n\n**Use separate projects**\n\n1. Enable Container Scanning and Artifact Registry in the project where you want\n to run Artifact Registry. Replace \u003cvar translate=\"no\"\u003eAR_PROJECT\u003c/var\u003e with\n the appropriate Google Cloud project ID.\n\n gcloud services enable containerscanning.googleapis.com \\\n artifactregistry.googleapis.com \\\n --project=\u003cvar translate=\"no\"\u003eAR_PROJECT\u003c/var\u003e\n\n2. Enable the Cloud Build API in projects where you are running\n Cloud Build. Replace \u003cvar translate=\"no\"\u003eBUILD_PROJECT\u003c/var\u003e with\n the appropriate Google Cloud project ID.\n\n gcloud services enable cloudbuild.googleapis.com \\\n --project=\u003cvar translate=\"no\"\u003eBUILD_PROJECT\u003c/var\u003e\n\n3. Enable the Container Security API in projects where you are running\n GKE. Replace \u003cvar translate=\"no\"\u003eGKE_PROJECT\u003c/var\u003e with\n the appropriate Google Cloud project ID.\n\n gcloud services enable containersecurity.googleapis.com \\\n --project=\u003cvar translate=\"no\"\u003eGKE_PROJECT\u003c/var\u003e\n\nYou have enabled the minimum required APIs to generate and view insights in\nGoogle Cloud console panels and in the GKE\nsecurity posture dashboard.\n\nYou can enable APIs for other services from the [API\nlibrary](https://console.cloud.google.com/apis/library) or with the [gcloud services\nenable](/sdk/gcloud/reference/services/enable) command.\n\nWhat's next\n-----------\n\n- Learn about the [IAM permissions](/software-supply-chain-security/docs/configure-access) that are required to view security insights.\n- Learn more about software supply chain security in the [overview](/software-supply-chain-security/docs/overview)\n- Learn about [software supply chain security practices](/software-supply-chain-security/docs/practices) and how Google Cloud products help you to implement them."]]
