>
    Strata Copilot
    Scan a Model from Object Storage
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma AIRS
    3. Secure Your AI Models with AI Model Security
    4. Get Started with AI Model Security
    5. Scanning Models
    6. Scan a Model from Object Storage
    Download PDF
    Prisma AIRS

    Scan a Model from Object Storage

    Table of Contents

    Scan a Model from Object Storage

    Scan a model from object storages like Amazon S3, Google Cloud Storage, Azure Blob Storage, JFrog Artifactory, and Gitlab Model Registry.

    Scan a Model from Object Storage

    We support object storages Amazon S3, Google Cloud Storage, Azure Blob Storage, JFrog Artifactory, and Gitlab Model Registry. To scan an AI model from these cloud storage models, provide the URL of these models as model_uri parameter while calling the scan on the SDK.
    The model security SDK will perform the download for you and queue the model for scan.
    When creating a scan, you can attach up to 50 custom labels to help organize your scans.
    Scan using CLI
    
model-security scan \
  --security-group-uuid "12345678-1234-1234-1234-123456789012" \

  --model-uri "<model_uri>" \
  --model-name "production-classifier" \
  --model-author "ml-team" \
  --model-version "v2.1" \
  -l env=production
    Scan using Python SDK
    
from model_security_client.api import ModelSecurityAPIClient

# Initialize the client
client = ModelSecurityAPIClient(
    base_url="https://api.sase.paloaltonetworks.com/aims"
)
result = client.scan(
    security_group_uuid="12345678-1234-1234-1234-123456789012",
    
    model_uri="<model_uri>",
    model_name="production-classifier",
    model_author="ml-team",
    model_version="v2.1",
    labels={ "env": "production" }
)
    The model_uri parameter must use the format of supported cloud storage platforms:
    • Amazon S3 (s3://)
    • Google Cloud Storage (gs://)
    • Azure Blob Storage (https://[account].blob.core.windows.net/)
    • JFrog Artifactory (https://[instance].jfrog.io/)
    • GitLab Model Registry (https://[gitlab-instance]/-/ml/models/)
    The CLI shows scan results in real-time as they finish. Each scan tests the model against all active rules in your Security Group. The output shows whether the model passes or fails based on your rule configuration.
    A model fails if any blocking rule detects a violation. Non-blocking rules record findings without preventing the model from being approved.

    © 2026 Palo Alto Networks, Inc. All rights reserved.