Skip to main content

runtime profiles

runtime profiles list

List security profiles

airs runtime profiles list [options]

Options

FlagRequiredDefaultDescription
--limit <n>No100Max results
--offset <n>No0Starting offset
--output <format>NoprettyOutput format: pretty, table, csv, json, yaml

Examples

Pretty output (default)

airs runtime profiles list --limit 2
Prisma AIRS — Runtime Configuration
Security profile and topic management


Security Profiles:

00000000-0000-0000-0000-000000000001
docs-example-profile active rev:1
00000000-0000-0000-0000-000000000002
example-other-profile active rev:6

Next offset: 2

JSON output

airs runtime profiles list --limit 2 --output json
[
{
"id": "00000000-0000-0000-0000-000000000001",
"name": "docs-example-profile",
"status": "active",
"revision": 1
},
{
"id": "00000000-0000-0000-0000-000000000002",
"name": "example-other-profile",
"status": "active",
"revision": 6
}
]

YAML output (multi-doc stream — one document per profile)

airs runtime profiles list --limit 2 --output yaml
id: 00000000-0000-0000-0000-000000000001
name: docs-example-profile
status: active
revision: 1
---
id: 00000000-0000-0000-0000-000000000002
name: example-other-profile
status: active
revision: 6

runtime profiles get

Get a security profile by name or UUID

airs runtime profiles get [options] <nameOrId>

Arguments

  • nameOrId (required) —

Options

FlagRequiredDefaultDescription
--output <format>NoprettyOutput format: pretty, json, yaml

Examples

Pretty output (default)

airs runtime profiles get docs-example-profile
Prisma AIRS — Runtime Configuration
Security profile and topic management


Profile Detail:

ID: 00000000-0000-0000-0000-000000000001
Name: docs-example-profile
Status: active
Revision: 1
Created: user@example.com
Updated: user@example.com
Modified: 2026-05-25T13:38:21Z
Policy: {
"ai-security-profiles": [
{
"model-type": "default",
"model-configuration": {
"mask-data-in-storage": false,
"latency": {
"inline-timeout-action": "block",
"max-inline-latency": 5
},
"data-protection": {
"data-leak-detection": {
"member": null,
"action": "",
"mask-data-inline": false
},
"database-security": null
},
"app-protection": {
"default-url-category": {
"member": null
},
"url-detected-action": "block",
"malicious-code-protection": {
"name": "malicious-code-detection",
"action": "block"
}
},
"model-protection": [
{
"name": "prompt-injection",
"action": "block"
},
{
"name": "toxic-content",
"action": "high:block, moderate:alert"
}
],
"agent-protection": [
{
"name": "agent-security",
"action": "block"
}
]
}
}
]
}

JSON output (flattens management response — profileId / profileName keys)

airs runtime profiles get docs-example-profile --output json
{
"profileId": "00000000-0000-0000-0000-000000000001",
"profileName": "docs-example-profile",
"revision": 1,
"active": true,
"createdBy": "user@example.com",
"updatedBy": "user@example.com",
"lastModifiedTs": "2026-05-25T13:38:21Z",
"policy": {
"ai-security-profiles": [
{
"model-type": "default",
"model-configuration": {
"mask-data-in-storage": false,
"latency": {
"inline-timeout-action": "block",
"max-inline-latency": 5
},
"data-protection": {
"data-leak-detection": {
"member": null,
"action": "",
"mask-data-inline": false
},
"database-security": null
},
"app-protection": {
"default-url-category": {
"member": null
},
"url-detected-action": "block",
"malicious-code-protection": {
"name": "malicious-code-detection",
"action": "block"
}
},
"model-protection": [
{
"name": "prompt-injection",
"action": "block"
},
{
"name": "toxic-content",
"action": "high:block, moderate:alert"
}
],
"agent-protection": [
{
"name": "agent-security",
"action": "block"
}
]
}
}
]
}
}

YAML output (the nested policy is emitted as inline JSON, not converted to YAML)

airs runtime profiles get docs-example-profile --output yaml
profileId: 00000000-0000-0000-0000-000000000001
profileName: docs-example-profile
revision: 1
active: true
createdBy: user@example.com
updatedBy: user@example.com
lastModifiedTs: 2026-05-25T13:38:21Z
policy: {
"ai-security-profiles": [
{
"model-type": "default",
"model-configuration": {
"mask-data-in-storage": false,
"latency": {
"inline-timeout-action": "block",
"max-inline-latency": 5
},
"data-protection": {
"data-leak-detection": {
"member": null,
"action": "",
"mask-data-inline": false
},
"database-security": null
},
"app-protection": {
"default-url-category": {
"member": null
},
"url-detected-action": "block",
"malicious-code-protection": {
"name": "malicious-code-detection",
"action": "block"
}
},
"model-protection": [
{
"name": "prompt-injection",
"action": "block"
},
{
"name": "toxic-content",
"action": "high:block, moderate:alert"
}
],
"agent-protection": [
{
"name": "agent-security",
"action": "block"
}
]
}
}
]
}

runtime profiles create

Create a new security profile

airs runtime profiles create [options]

Options

FlagRequiredDefaultDescription
--name <name>YesProfile name
--no-activeNoCreate profile as inactive
--prompt-injection <action>NoPrompt injection action (block/allow/alert)
--toxic-content <action>NoToxic content action (e.g. "high:block, moderate:block")
--contextual-grounding <action>NoContextual grounding action (block/allow/alert)
--malicious-code <action>NoMalicious code protection action (block/allow/alert)
--url-action <action>NoURL detected action (block/allow/alert)
--allow-url-categories <list>NoComma-separated URL categories to allow
--block-url-categories <list>NoComma-separated URL categories to block
--alert-url-categories <list>NoComma-separated URL categories to alert
--agent-security <action>NoAgent security action (block/allow/alert)
--dlp-action <action>NoData leak detection action (block/allow/alert)
--dlp-profiles <list>NoComma-separated DLP profile names
--mask-data-inlineNoMask detected data inline
--db-security-create <action>NoDatabase create action (block/allow/alert)
--db-security-read <action>NoDatabase read action (block/allow/alert)
--db-security-update <action>NoDatabase update action (block/allow/alert)
--db-security-delete <action>NoDatabase delete action (block/allow/alert)
--inline-timeout-action <action>NoInline timeout action (block/allow)
--max-inline-latency <n>NoMax inline latency in seconds
--mask-data-in-storageNoMask data in storage
--config <path>NoJSON file with profile configuration (legacy)

Examples

Create with protection flags (no JSON output flag — pretty only)

airs runtime profiles create \
--name docs-example-profile \
--prompt-injection block \
--toxic-content "high:block, moderate:alert" \
--malicious-code block \
--agent-security block \
--url-action block
Prisma AIRS — Runtime Configuration
Security profile and topic management

Profile created: 00000000-0000-0000-0000-000000000001


Profile Detail:

ID: 00000000-0000-0000-0000-000000000001
Name: docs-example-profile
Status: active
Revision: 1
Created: user@example.com
Updated: user@example.com
Modified: 2026-05-25T13:38:21Z
Policy: {
"ai-security-profiles": [
{
"model-type": "default",
"model-configuration": {
"mask-data-in-storage": false,
"latency": {
"inline-timeout-action": "block",
"max-inline-latency": 5
},
"data-protection": {
"data-leak-detection": {
"member": null,
"action": "",
"mask-data-inline": false
},
"database-security": null
},
"app-protection": {
"default-url-category": {
"member": null
},
"url-detected-action": "block",
"malicious-code-protection": {
"name": "malicious-code-detection",
"action": "block"
}
},
"model-protection": [
{
"name": "prompt-injection",
"action": "block"
},
{
"name": "toxic-content",
"action": "high:block, moderate:alert"
}
],
"agent-protection": [
{
"name": "agent-security",
"action": "block"
}
]
}
}
]
}

runtime profiles update

Update a security profile by name or UUID

airs runtime profiles update [options] <nameOrId>

Arguments

  • nameOrId (required) —

Options

FlagRequiredDefaultDescription
--name <name>NoUpdate profile name
--no-activeNoSet profile as inactive
--activeNoSet profile as active
--prompt-injection <action>NoPrompt injection action (block/allow/alert)
--toxic-content <action>NoToxic content action (e.g. "high:block, moderate:block")
--contextual-grounding <action>NoContextual grounding action (block/allow/alert)
--malicious-code <action>NoMalicious code protection action (block/allow/alert)
--url-action <action>NoURL detected action (block/allow/alert)
--allow-url-categories <list>NoComma-separated URL categories to allow
--block-url-categories <list>NoComma-separated URL categories to block
--alert-url-categories <list>NoComma-separated URL categories to alert
--agent-security <action>NoAgent security action (block/allow/alert)
--dlp-action <action>NoData leak detection action (block/allow/alert)
--dlp-profiles <list>NoComma-separated DLP profile names
--mask-data-inlineNoMask detected data inline
--db-security-create <action>NoDatabase create action (block/allow/alert)
--db-security-read <action>NoDatabase read action (block/allow/alert)
--db-security-update <action>NoDatabase update action (block/allow/alert)
--db-security-delete <action>NoDatabase delete action (block/allow/alert)
--inline-timeout-action <action>NoInline timeout action (block/allow)
--max-inline-latency <n>NoMax inline latency in seconds
--mask-data-in-storageNoMask data in storage
--config <path>NoJSON file with profile updates (legacy)

Examples

Read-modify-write — only the flags you pass change; existing protections are preserved. New revision id returned.

airs runtime profiles update docs-example-profile \
--prompt-injection alert
Prisma AIRS — Runtime Configuration
Security profile and topic management

Profile updated: 00000000-0000-0000-0000-000000000002


Profile Detail:

ID: 00000000-0000-0000-0000-000000000002
Name: docs-example-profile
Status: active
Revision: 2
Created: user@example.com
Updated: none
Modified: 2026-05-25T13:39:05Z
Policy: {
"ai-security-profiles": [
{
"model-type": "default",
"model-configuration": {
"mask-data-in-storage": false,
"latency": {
"inline-timeout-action": "block",
"max-inline-latency": 5
},
"data-protection": {
"data-leak-detection": {
"member": null,
"action": "",
"mask-data-inline": false
},
"database-security": null
},
"app-protection": {
"default-url-category": {
"member": null
},
"url-detected-action": "block",
"malicious-code-protection": {
"name": "malicious-code-detection",
"action": "block"
}
},
"model-protection": [
{
"name": "prompt-injection",
"action": "alert"
},
{
"name": "toxic-content",
"action": "high:block, moderate:alert"
}
],
"agent-protection": [
{
"name": "agent-security",
"action": "block"
}
]
}
}
]
}

runtime profiles delete

Delete a security profile by name or UUID

airs runtime profiles delete [options] <nameOrId>

Arguments

  • nameOrId (required) —

Options

FlagRequiredDefaultDescription
--forceNoForce delete (removes from referencing policies)
--updated-by <email>NoEmail of user performing force deletion

Examples

Example needed

No curated input/output example for this command yet.


runtime profiles cleanup

Delete old profile revisions, keeping only the latest per name

airs runtime profiles cleanup [options]

Options

FlagRequiredDefaultDescription
--forceNoSkip confirmation — proceed with deletion
--updated-by <email>NoEmail for deletion audit (default: git user.email)
--output <format>NoprettyOutput format: pretty or json

Examples

Dry run (preview)

airs runtime profiles cleanup

Delete old revisions

airs runtime profiles cleanup --force

Specify email for audit trail

airs runtime profiles cleanup --force --updated-by user@example.com

JSON output

airs runtime profiles cleanup --force --output json