DATA OPS
Real-Time Postgres DDL PII Guard via Webhook
Triggered the moment a DDL change webhook fires, inspects the altered Postgres table for newly added sensitive columns and immediately opens a governance ticket plus a PagerDuty…
How it runs
The automated pipeline, trigger to output.
- TriggerDDL change webhook fires with affected tableHTTP webhook
- ActionInspect changed Postgres table columns and samplesPostgres
- LogicFilter to columns not in reviewed baseline
- LogicBranch by PII risk level of new columns
- ActionOpen Linear governance issue for each findingLinear
- OutputRaise PagerDuty incident for high-risk columnsPagerDuty
What it does
Instead of waiting for a nightly scan, this workflow reacts the instant a schema change lands. A DDL event webhook from your migration tooling triggers an inspection of just the changed table, catching unreviewed PII columns within seconds of deployment.
When to use it
Use it on production databases where a sensitive column reaching live data even briefly is a compliance problem, and you need event-driven detection rather than scheduled batches.
How it works
- 1A webhook fires when your migration pipeline applies a DDL change, carrying the affected table name.
- 2The workflow queries `information_schema.columns` on that specific Postgres table and samples a small value set per new column.
- 3It checks each column against the known-reviewed baseline to keep only genuinely new fields.
- 4A classifier rates new columns; high-risk categories (SSN, payment, health) branch separately from lower-risk ones.
- 5Every flagged column opens a Linear governance issue; high-risk columns additionally raise a PagerDuty incident for immediate on-call attention.
Set it up
What you configure once, before turning it on.
- 1Connect HTTP webhookTrigger any URL on agent actions.
- 2Connect PostgresAny Postgres URL — query, write, migrate.
- 3Connect LinearIssues, projects, cycles, triage.
- 4Connect PagerDutyIncidents, on-call, escalations.
- 5Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
- 6Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
- 7Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.
More Data Ops workflows
Snowflake column type-drift sentinel with Linear fix ticket
Snapshots the data types of every column in your tracked Snowflake schemas on a schedule, diffs against the last snapshot.
Daily BigQuery Scheduled-Query Cost Attribution to Owners
Each morning, totals the prior day's on-demand bytes-billed per scheduled query, maps each query to its owner from a label, and posts a per-owner cost leaderboard to Slack.
BigQuery dropped/renamed column sentinel with PagerDuty incident
Detects when a column is dropped or renamed in your governed BigQuery datasets and, because that breaks downstream queries hard, pages the on-call via PagerDuty and posts…
PR-time Snowflake schema contract check on dbt model changes
When a pull request changes a dbt model, it compares the model's declared output columns against the live Snowflake table it will replace and blocks the merge with a GitHub check…
Agent-triaged warehouse drift with impact analysis and runbook update
On a webhook from your warehouse audit log, an agent investigates the changed column, traces which downstream models and dashboards depend on it.
Cross-warehouse replication schema mismatch reconciler
Compares the column shape of mirrored tables between BigQuery and Snowflake and, when a replicated table has drifted out of sync between the two, opens an Asana task for the data…
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.
Run this workflow in your colony.
14-day trial. No DevOps. No Sales call. Provisioned in under a minute.