manage your database schema as code with atlas

GitOps-native CI/CD for secure and compliant database management

Get Started Schedule a Demo

Trusted by leading companies

Goodbye manual schema changes, Hello Atlas

Declarative database schema management — define your desired state, Atlas computes the plan

The Old Way

The Atlas Way

The Old Way

hand-write every ALTER TABLE

no review for destructive changes

schema drift across environments

RISKY

The Atlas Way

schema/categories.sql1 files, +0 -9

editingplanninganalyzing✗ blocked

@@ -3,6 +3,5 @@

11CREATE TABLE 'categories' (

22 'category_name' varchar(255) NOT NULL,

33 'category_description' text NULL,

44 'updated_at' timestamp NULL ON UPDATE CURRENT_TIMESTAMP,

55 'created_at' timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,

66 PRIMARY KEY ('id').

77(END)

Change Code

atlas git:(main) x atlas schema apply --env localPlanning migration statements (1 in total):-- modify "categories" table:-> ALTER TABLE "categories" DROP COLUMN "category_description";

Analyzing planned statements (1 in total):

-- destructive change detected: data loss possibleDS102: column "category_description" contains data

Destructive change blocked.Data loss detected. Migration rejected.

Still using legacy tools?

Flyway and Liquibase require you to write every migration by hand.

Atlas is declarative: define your desired state, and it computes the plan. Deterministic, reliable, and built for the AI era.

vsvs

vsORMs

See Full Comparison →

Schema as Code

Like Terraform, for databases.

Define your schema in any language or ORM, and compose them like Terraform modules. Atlas plans, lints, and deploys safe migrations. Declarative or versioned, your choice.

Your Code

1-- atlas:import functions.sql

3CREATE TABLE users (

4 id serial NOT NULL,

5 name varchar(255) NOT NULL,

6 email varchar(255) UNIQUE NOT NULL,

7 phone varchar(20),

8 bio text,

9 PRIMARY KEY (id)

10);

12CREATE TABLE user_logs (

13 id serial NOT NULL,

14 user_id int NOT NULL,

15 body text NOT NULL,

16 PRIMARY KEY (id),

17 CONSTRAINT user_fk FOREIGN KEY (user_id) REFERENCES users(id)

18);

20260315140437_add_user_logs.sqlAtlas Output

1-- Modify "users" table

2ALTER TABLE "users"

3 ADD COLUMN "phone" varchar(20) NULL,

4 ADD COLUMN "bio" text NULL;

6-- Create "user_logs" table

7CREATE TABLE "user_logs" (

8 "id" serial NOT NULL,

9 "user_id" int NOT NULL,

10 "body" text NOT NULL,

11 PRIMARY KEY ("id"),

12 CONSTRAINT "user_fk"

13 FOREIGN KEY ("user_id")

14 REFERENCES "users" ("id")

15);

Shift left database security.

Define roles, users, and permissions as code. Atlas automatically diffs, plans, and applies changes to bring any database in line with the desired state.

Roles & Users

1role "app_readonly" {

2 comment = "Read-only access"

5role "app_writer" {

6 member_of = [role.app_readonly]

9user "api_service" {

10 member_of = [role.app_writer, role.rds_iam]

11}

13user "dashboard" {

14 password = var.dash_password

15 member_of = [role.app_readonly]

16}

Permissions

1permission {

2 for_each = [table.users, table.orders]

3 for = each.value

4 to = role.app_readonly

5 privileges = [SELECT]

8permission {

9 for = table.orders

10 to = role.app_writer

11 privileges = [INSERT, UPDATE]

12}

14permission {

15 for = schema.public

16 to = role.app_admin

17 privileges = [ALL]

18}

policy.hclPolicy

1rule "schema" "no-superuser" {

2 role {

3 assert {

4 predicate = predicate.not_superuser

5 message = "prohibited"

6 }

7 }

10rule "schema" "no-grantable" {

11 permission {

12 assert {

13 predicate = predicate.not_grantable

14 message = "not allowed"

15 }

16 }

17}

19# rule "schema" "require-rls" { ... }

20# rule "schema" "view-invoker" { ... }

DefineRoles & permissions as code

Planatlas schema plan

ReviewPolicy checks in CI

DeployK8s operator applies

Security as Code →Get Started with Security as Code →

Data as Code

Declarative data management.

Seed lookup tables, compare desired vs. live state, and insert reference data. Atlas generates the exact DML needed, with three sync modes for precise control.

Your Data

1data {

2 table = table.countries

3 rows = [

4 { id = 1, code = "US", name = "United States" },

5 { id = 2, code = "IL", name = "State of Israel" },

6 { id = 4, code = "VN", name = "Vietnam" },

7 { id = 5, code = "FR", name = "France" },

8 ]

11data {

12 table = table.order_status

13 rows = [

14 { id = 1, name = "pending", active = true },

15 { id = 2, name = "shipped", active = true },

16 { id = 3, name = "delivered", active = true },

17 { id = 4, name = "returned", active = false },

18 ]

19}

output.sqlINSERT mode

1-- insert into "countries":

2INSERT INTO "countries" ("id", "code", "name")

3 VALUES (5, 'FR', 'France');

5-- insert into "order_status":

6INSERT INTO "order_status" ("id", "name", "active")

7 VALUES (4, 'returned', false);

From

Files

Static Data

Catch dangerous migrations before they ship

Atlas analyzes every migration for destructive changes, table locks, data loss risks, and concurrent index violations. In CI, on the CLI, or pre-deployment.

Code Review Agent

atlas migrate lint on dirs/ecommerce/migrations

CLI Tool

$ atlas migrate lint

Built-in analyzers

Destructive changesData-dependent changesBackward incompatibleBlocking table locksConcurrent indexTable copy detectionConstraint deletionNaming conventionsSQL injectionTransaction safety

Automate code review on

pull request

feat: add tenant isolation & reader role#312

@claude-codewants to mergefeat/tenant-rls→main

Files Changed1 files, +12 -3

Status

Step

Result

1 new migration file detected

20250410131547.sql

ERD and visual diff generated

View Visualization

Simulate on dev database

Passed (23ms)

Analyze 20250410131547.sql4 reports were found in analysis

Destructive changes detectedDropping non-virtual column "email"

Data dependent changes detectedAdding a non-nullable "varchar" column "phone" without a DEFAULT value

Blocking table change detectedChanging column type from "int" to "bigint" requires table rewrite

Concurrent index violationCreating index non-concurrently acquires SHARE lock, blocking writes

3 passed

4 diagnostics

147ms

Automate code review on

Cloud Native

Modern deployments

Deploy schema changes with confidence using our modern CI/CD pipeline

Terraform

Kubernetes

Argo CD

Crossplane

GitHub Actions

GitLab CI

Azure DevOps

terraform {
  required_providers {
    atlas = {
      source  = "ariga/atlas"
      version = "~> 0.9.7"
    }
  }
}

provider "atlas" {
  dev_url = "docker://postgres/15/myapp"
}

data "atlas_schema" "sql" {
  src = "file://${path.module}/schema.sql"
}

resource "atlas_schema" "postgres" {
  url = "postgres://root:pass@localhost:5432/app?sslmode=disable"
  hcl = data.atlas_schema.sql.hcl
}

$ terraform apply

data.atlas_schema.sql: Reading...
data.atlas_schema.sql: Read complete after 2s [id=p93KLX2q4UI326LN/4cssQ]

Terraform will perform the following actions:

  # atlas_schema.postgres will be created
  + resource "atlas_schema" "postgres" {
      + hcl = <<-EOT
            table "users" {
              schema = schema.myapp
              column "id" {
                null = false
                type = int
              }
              column "name" {
                null = false
                type = varchar(255)
              }
              primary_key {
                columns = [column.id]
              }
            }
        EOT
      + id  = (known after apply)
      + url = (sensitive value)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

The following SQL statements will be executed:

CREATE TABLE users (
  id SERIAL PRIMARY KEY,
  name VARCHAR(255) NOT NULL
);

Atlas Cloud

A DBRE platform for operating production databases

Schema registry, deployment logs, audit trails, and production safeguards. Everything your team needs to operate databases at scale.

atlasgo.cloud

LIVE

A versioned registry for migration directories, ERDs, and schema docs.

Schema Registry

A versioned registry for migration directories, ERDs, and schema docs.

Deployment Logs

Full deploy history per target: what ran, when, and what changed.

Audit Trail

Full trace of every change: who ran what, where, and how it behaved.

Schema Statistics

Schema growth, table sizes, index usage, and structural complexity.

Production Safeguards

Approval gates, protected rollbacks, and environment-aware permissions.

atlasgo.cloud

LIVE

Book a Demo

Monitoring as Code

Continuous monitoring. Auto-remediation.

Atlas monitors live databases for schema drift, permission mismatches, and policy violations. When drift is detected, it generates the exact SQL to bring them back in line.

agent.hclConfig

1# Auto-discover all production RDS instances.

2data "rds_discovery" "production" {

3 region = "us-east-1"

4 filter {

5 tags = {

6 Environment = "production"

7 Team = "backend"

8 }

9 name_regex = ".*-prod$"

10 }

11}

13# Monitor all matched RDS instances.

14instance "production" {

15 for_each = data.rds_discovery.production.urls

16 url = each.value

17 default_monitor "all" {

18 snapshot_interval = "1h"

19 schemas = ["public"]

20 }

21}

CSPMCIEMDSPM

outside the database

BLIND SPOTGRANTS·PII·PRIVILEGES·CVES·CROSS-TENANT·RLS·DRIFT

↓

atlas sees inside

↓

Atlas Bot2:45 PM

Drift detected on users

RLS disabled on accounts, all rows visible

84 objects · 203 relationships

criticalwarningok

Monitoring as Code →Get Started with Monitoring as Code →

Atlas Copilot

Your DBA Copilot

AI-powered assistant for effortless database operations

Get started in minutes

Chat with Atlas Copilot to set up your project fast.

Fix issues fast

Iterate with Atlas to quickly resolve and ensure reliable migrations.

Generate tests

Use natural language to generate unit tests for your schema and migrations.

Govern schemas

Use Copilot to generate schema rules and predicates to govern schemas based on your guidelines.

atlas-copilot

user@atlas~$ atlas copilot

Atlas

How can I help you today?

User

Help me fix my latest migration