Components installed with Software Bill of Materials applications

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 3 minutes de lecture

    • Several types of components are installed with activation of the Software Bill of Materials applications, including tables, user roles, and scheduled jobs.

    Roles installed

    Role title [name] Description Contains roles

    sn_sbom_response.managelicense

    This role is installed with the SBOM Response application.

    This role permits you to resolve licenses to components.

    None

    sn_sbom_response.licenseresolver

    This role is installed with the SBOM Response application.

    This role permits you to view uploaded license information and determines which licenses are permitted and which are banned.

    None

    SBOM write [sn_sbom_dm.app_write], SBOM create [sn_sbom_dm.app_create], SBOM read [sbom_dm.app_read]

    These roles are installed with the Data Model for SBOM application.

    They permit you to read, create, and edit records in SBOM tables.

    None

    SBOM Cores ingests [sn_sbom_core.sbom_ingest] and SBOM Core admin [ sn_sbom_core.admin]

    These roles are installed with the SBOM Core application.

    The sn_sbom_core.sbom_ingest role permits you to upload SBOMs manually and via the REST API. The sn_sbom_core.admin role permits you to create, read, edit data, and upload SBOMs.

    This role also gives you access to the SBOM Core modules in your instance. It inherits the roles from the Data Model for SBOM application.
    • sn_sbom_dm.app_write
    • sn_sbom_dm.app_create
    • sn_ sbom_dm.app_read

    SBOM Analyst

    [sn_sbom_resp.sbom_analyst]

    This role is installed with the SBOM Response application.

    It inherits the sn_sbom_core.admin role and enables you to access the SBOM Workspace.
    • sn_sbom_core.admin
    • sn_sbom_dm.app_write
    • sn_sbom_dm.app_create
    • sn_ sbom_dm.app_read
    • sn_sbom_resp.manage_avi_rule
    • sn_sbom_config_rule table

    Tables installed with the SBOM applications

    The tables listed in the following table are installed with the Data model for SBOM application.

    Tableau 1. Data model for SBOM tables
    Table Description

    SBOM document

    [sn_sbom_doc]

    Contains the BOM entities you've uploaded.

    SBOM component

    [sn_sbom_component]

    		 Contains imported SBOM components, classifiers, and versions that are included in the parent component.

    SBOM component relationship

    [sn_sbom_comp_relationship]

    		 Contains components and their dependencies.

    SBOM m2m bom component

    [sn_sbom_m2m_bom_comp]

    		 Contains the BOM component mappings.

    SBOM license

    [sn_sbom_license]

    		 Contains the open-source license IDs used for components.

    SBOM supplier

    [sn_sbom_supplier]

    		 Contains the organization that supplied the component, which might be a manufacturer, distributor, or repackager.

    SBOM component ID

    [sn_sbom_comp_id]

    		 Contains the component identifiers.

    SBOM component properties

    [sn_sbom_comp_property]

    		 Contains the component name-value properties.

    SBOM hash

    [sn_sbom_hash]

    		 Contains component hashing algorithms.

    SBOM contact

    [sn_sbom_contact]

    		 Contains contact information for the supplier.

    SBOM external references

    [sn_sbom_comp_external_ref]

    		 Contains components, component types, and external URLs that document systems, sites, and information that might be relevant but are not included with the SBOM.

    SBOM package group

    [sn_sbom_pkg_group]

    		 Contains the package group information for every component. Multiple version of libraries may be used across applications. Versions of the same components are grouped and added to this table to avoid pulling the same data multiple times.

    The tables listred in the following table are installed with the SBOM Response application

    Tableau 2. SBOM Response tables
    Table Description

    SBOM creation rule configuration

    [sn_sbom_config_rule]

    		 Contains AVIT creation rules used in the SBOM Workspace.

    SBOM m2m component vulnerabilities

    [sn_sbom_m2m_comp_vuln]

    		 Contains the components and associated vulnerabilities.
    Component vulnerability fix information

    [sn_sbom_comp_vuln_fix_info]

    		 Contains the fix versions for each third-party vulnerability associated to a version of the component.
    Component report insights

    [sn_sbom_comp_report_insight]

    		 Contains insights about stale, abandoned, and fixability data for components.
    Deps Integration Imports

    [sn_sbom_deps_integration_import]

    		 Contains imported version list information for a given package or library.
    OSV Integration Imports

    [sn_sbom_osv_integration_import]

    		 Contains vulnerability intelligence information for a given version of a package or library.
    Component Version Lists

    [sn_sbom_st_version_list]

    		 Contains version information and published dates for components.

    Scheduled jobs

    Job Description
    Calculate Component Fixability and Vulnerability Calculates information about how to fix components with vulnerabilities and how likely it is that you can fix components.
    OSV Integration New Components Retrieves all publicly known vulnerabilities associated with packages (libraries) that were imported after the last integration run.
    OSV Integration Comprehensive Retrieves all publicly known vulnerabilities associated with all packages that have been imported.
    Deps.dev Integration Retrieves all publicly known versions for packages and used with to identify components in Stale and Abandoned states.
    Update vuln_based_criticality on bom components Updates criticality for components with vulnerabilities.