Copy to clipboard

OnlySpecificSchemasAllowed

Last updated: September 2, 2025

The OnlySpecificSchemasAllowed custom policy check allows you to filter what specific schemas are allowed.

In this example we are only allowing schemas titled lion or eagle.

PATTERN_B regex: (?is)(?:lion|eagle)\.

Before you begin

Scope	Database
changelog	Relational

Liquibase 4.29.0+
Python 3.10.14+
Configure a valid Liquibase Secure license key
Create a Check Settings file
Ensure the Liquibase Checks extension is installed. In Liquibase 4.31.0+, it is already installed in the /liquibase/internal/lib directory, so no action is needed.
If the checks JAR is not installed, download liquibase-checks-<version>.jar and put it in the liquibase/lib directory.
(Maven users only) Add the liquibase-checks dependency to your pom.xml file. See Add extensions with Maven for more information.
Java Development Kit 17+ (available for Open JDK and Oracle JDK)
Linux, macOS, or Windows operating system

Procedure

These steps describe how to create the Custom Policy Check. It does not exist by default in Liquibase Pro.

Run this command in the CLI:

liquibase checks customize --check-name=SqlUserDefinedPatternCheck

Give your check a short name for easy identification

Use up to 64 alpha-numeric characters only.

In this example we will use:

OnlySpecificSchemasAllowed

Set the Severity to return a code of 0-4 when triggered.

These severity codes allow you to determine if the job moves forward or stops when this check triggers. Learn more here: Use Policy Checks in Automation: Severity and Exit Code options: 'INFO'=0, 'MINOR'=1, 'MAJOR'=2, 'CRITICAL'=3, 'BLOCKER'=4

Set 'PATTERN_A' to this valid regular expression:

In this example we will use:

(?is)(?=create|drop|alter|insert|select|delete)

Set 'PATTERN_B' to this valid regular expression:

(?is)(?:lion|eagle)\.

Set 'CASE_SENSITIVE' to true or false depending on how narrow you want your search to be.

In this example, we will set it to false.

Set the SEARCH_STRING to this valid regular expression:

(?i:select \*)

Set the MESSAGE for when a match for regular expression <SEARCH_STRING> is found in a Changeset:

In this example we will use:

Error! SELECT * not allowed.

OnlySpecificSchemasAllowed

Before you begin

Procedure

Run this command in the CLI:

Give your check a short name for easy identification

In this example we will use:

Set the Severity to return a code of 0-4 when triggered.

Set 'PATTERN_A' to this valid regular expression:

In this example we will use:

Set 'PATTERN_B' to this valid regular expression:

Set 'CASE_SENSITIVE' to true or false depending on how narrow you want your search to be.

Set the SEARCH_STRING to this valid regular expression:

Set the MESSAGE for when a match for regular expression <SEARCH_STRING> is found in a Changeset:

In this example we will use:

Set STRIP_COMMENTS to true if you want to remove the comments from the output.