Creating a Bucket

Use the following procedure to create a bucket.

All fields required for the creation of a bucket have a red asterisk next the field label.

Note:You can also use SBOM Insights REST API to create a bucket. See SBOM Insights API for more information about working with the APIs.

To create a bucket:

Click Create Bucket in the left navigation panel to open the Create Bucket page.

Complete the following fields to define the bucket.

Field

Description

Parent

(Optional) A bucket can stand alone or be a child of another bucket. If you intend this bucket to be the child of another bucket, select the parent bucket from the dropdown list.

When you define a bucket as a child bucket, you create a nested hierarchy of parts. This hierarchy can be used to represent the complexity of a software entity and the inter-relationship of its SBOM parts.

Type

From the dropdown list, select the bucket type representing the entity or context containing the open-source, third-party, or commercial software components that will be associated with the bucket as SBOM parts.

The list of types includes those based on the SPDX and CycloneDX specifications for representing a hierarchy in an application. It also includes types representing organizational structure such as a product family, an organization, or a business unit.

•

Application—A software application

•

Container—A container belonging to a software application

•

Device—Software installed on a device

•

File—A file belonging to a software application

•

Firmware—Code embedded in a device

•

Framework—A software framework to developing an application

•

Library—A software library used in a program or application

•

Operating System—An operating system on a device

•

Product Family—A set of related software products developed or consumed by an organization

•

Organization—The software developed or consumed by an organization

•

Business Unit—The software developed or consumed by a business unit

Name

Provide a name for the bucket. This value must be unique within the Organization to which you belong in SBOM Insights.

Software Release ID

(Optional) To associate all the parts in this bucket with a specific application found in the Flexera Technopedia catalog, enter the application’s unique software release ID as defined in the catalog. Should a security vulnerability be associated with one or more parts in the application, Flexera IT Visibility users (who are also SBOM Insights users) can use this ID to search for those assets in their organization that access the application.

If necessary, click the Find button to search for the Software Release ID in Technopedia. For further instructions, see Searching Technopedia for the Software Release ID of the Application Associated with a Bucket.

Note:On the Edit Bucket slideout, the Change button replaces the Find button if a value currently exists for this field.

Multiple buckets can be assigned the same Software Release ID.

To delete the existing value in this field, click the icon to the right of the value.

Description

(Optional) Provide a meaningful description of the bucket.

Click Save. A message in the top right corner of the page confirms that the bucket was successfully created.

Watch a Demo

For a demonstration of how to create a bucket, watch the following video.