Safe database migrations for AI-assisted teams with Atlas

Agents change your database dozens of times a day. Atlas lints, tests, and enforces policy on every one.

The Problem

Your database can't be redeployed

AI agents ship code that changes your database. When an app deploy goes wrong, you roll back in minutes. When a database change goes wrong, there is no easy undo.

No human can review at this speed: Agents generate database changes in seconds. Manual line-by-line review does not scale.
Agents define intent, not safe migrations: Agents declare what the schema should look like. The migration path to get there must be generated and validated deterministically.
Destructive changes have no undo: Dropped columns and tables are permanent data loss. Table locks take your product offline.
Security and compliance cannot be optional: Permission escalations, role changes, and broad grants need automated policy enforcement - not ad-hoc review.
How Atlas solves this

Validation, testing, and policy enforcement for every database change.

01
```markdown
# Atlas Schema Migrations

## Standard Workflow

1. `atlas schema inspect --env <name>` - understand current state
2. Edit schema source files (HCL, SQL, or ORM)
3. `atlas schema validate --env <name>` - check syntax
4. `atlas migrate diff --env <name>` - generate migration
5. `atlas migrate lint --env <name> --latest 1` - validate
6. `atlas migrate test --env <name>` - run tests

## Key Rules

- Never author migration SQL by hand
- Always use `--env` to reference `atlas.hcl` configs
- Never hardcode credentials - use `getenv()`
- Always lint before applying migrations
- Never ignore lint errors - fix or get approval
```
Example prompt to the assistant: "Add an index for users.email"

Deterministic Workflow

Agents declare intent. Atlas handles the rest.

Agents edit schema code. Atlas generates the migration, validates it, and runs policy checks. You review intent and outcomes - not raw SQL.

Declarative, like the rest of your stack: Agents edit schema code the same way they edit Terraform, Kubernetes, or app code. Atlas reconciles the diff and generates the migration.
Deterministic review on every change: Scanning, validation, and simulation run on every change. Same rules, every time.
Agents iterate faster with Atlas: Built-in skills let agents inspect the database, write tests, run validation locally, and fix lint errors - all without leaving the workflow.
02
Policies as Code

Enforce standards automatically

Define rules for security, migrations, and permissions in code. Atlas enforces them on every change - whether authored by a human or an AI agent.

Enforce security policies: Block superuser roles, grantable permissions, and insecure views - regardless of who generated the change.
Prevent unsafe migrations: Block destructive operations, table locks, and data-dependent changes before they reach production.
Govern access and compliance: Require row-level security, enforce restrictive policies, and audit function security on every schema.
```hcl
rule "schema" "no-superuser" {
  role {
    assert {
      predicate = predicate.role.not_superuser
      message   = "superuser roles are prohibited"
    }
  }
}

rule "schema" "no-grantable" {
  permission {
    assert {
      predicate = predicate.perm.not_grantable
      message   = "WITH GRANT not allowed"
    }
  }
}

rule "schema" "view-invoker" {
  view {
    assert {
      predicate = predicate.view.security_invoker
      message   = "must use INVOKER security"
    }
  }
}
```
03
Eval-Driven Development

Agents verify intent, not just correctness

Validation and linting confirm schema code compiles and follows policy, like tsc, go build, or eslint for your database.

Testing verifies intent. Agents write unit tests that confirm the change does what it was meant to do - not just that it compiles.

```
$ atlas schema test --env dev
-- Running 3 tests:
test "orders_table_exists"
  ✓ passed (2ms)
test "email_index_concurrent"
  ✗ FAILED: index not using CONCURRENTLY
  → Suggesting fix...
test "no_data_loss"
  ✓ passed (4ms)
1 of 3 tests failed (8ms)
--- assistant updates the migration ---
$ atlas schema test --env dev
✓ orders_table_exists (2ms)
✓ email_index_concurrent (3ms)
✓ no_data_loss (4ms)
3 of 3 tests passed (9ms)
```
04
Continuous Governance

AI ships fast. Your guardrails ship faster.

Every PR with a schema change runs through the same pipeline - lint, test, policy check. Failed? The agent gets structured errors and self-corrects. No human in the loop.

Same gates, every change: Human or AI - every PR runs through identical lint, test, and policy checks. No exceptions.
Rules defined in code: Write policies once. Atlas enforces them on every commit.
Agents self-correct: Failed checks return structured errors. The agent fixes and re-submits.

Pull request #217: feat: add email index & update orders
@claude-code: feat/add-email-index into main
Checks (5): analyze (3s), lint (8s), policy (4s), test, drift
atlas / policy: DS103

Dropping column "legacy_id" violates data retention policy. Error returned to agent for self-correction.

Required checks must pass before merging
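
A simplified sketch of the kind of pre-merge gate described above, added here as an example; it is not Atlas code and does not reproduce Atlas's analyzers. It flags the change classes this page names (dropped tables and columns, index builds without CONCURRENTLY, grantable permissions, superuser roles) and returns structured findings an agent could act on. It assumes PostgreSQL syntax; the rule names, function names and sample migration are made up for the illustration.

```python
import json
import re

# Rule names are labels made up for this example, not Atlas check codes.
RULES = [
    ("drop-table", r"\bDROP TABLE\b", "drops a table and its data"),
    ("drop-column", r"\bALTER TABLE\b.*\bDROP COLUMN\b", "drops a column and its data"),
    ("blocking-index", r"\bCREATE (?:UNIQUE )?INDEX (?!CONCURRENTLY\b)",
     "index build without CONCURRENTLY blocks writes to the table"),
    ("grantable", r"\bGRANT\b.*\bWITH GRANT OPTION\b", "grantee can re-grant the permission"),
    ("superuser", r"\b(?:CREATE|ALTER) (?:ROLE|USER)\b.*\bSUPERUSER\b", "role is given superuser"),
]
COMPILED = [(name, re.compile(rx, re.I), msg) for name, rx, msg in RULES]

def statements(sql):
    """Strip comments, split on ';', collapse whitespace. Simplified: a ';'
    inside a string literal or function body would be split incorrectly."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.S)
    sql = re.sub(r"--[^\n]*", " ", sql)
    return [" ".join(s.split()) for s in sql.split(";") if s.strip()]

def scan(sql):
    """Return one finding per (statement, rule) match, in statement order."""
    findings = []
    for n, stmt in enumerate(statements(sql), start=1):
        for name, rx, msg in COMPILED:
            if rx.search(stmt):
                findings.append({"statement": n, "rule": name, "message": msg, "sql": stmt})
    return findings

def gate(sql):
    """Fail closed: any finding blocks the change; the JSON goes back to the agent."""
    findings = scan(sql)
    return not findings, json.dumps({"passed": not findings, "findings": findings}, indent=2)

# Constructed sample migration (PostgreSQL syntax), not taken from the page.
SAMPLE = """
-- constructed sample
CREATE INDEX users_email_idx ON users (email);
ALTER TABLE orders DROP COLUMN legacy_id;
CREATE INDEX CONCURRENTLY orders_created_idx ON orders (created_at);
GRANT SELECT ON orders TO reporting WITH GRANT OPTION;
ALTER ROLE app NOSUPERUSER;
"""

if __name__ == "__main__":
    ok, report = gate(SAMPLE)
    print(report)
    raise SystemExit(0 if ok else 1)
```

A text scan like this is only a coarse first filter; it has no view of the target database, so it cannot judge data-dependent changes the way a check run against a dev database can.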

Move fast with AI. Ship with confidence.

Get started in minutes. Works with any database, any agent, any CI.