diff --git a/packages/db/src/policies/create.ts b/packages/db/src/policies/create.ts
index 229266286..0fc618f61 100644
--- a/packages/db/src/policies/create.ts
+++ b/packages/db/src/policies/create.ts
@@ -1,4 +1,3 @@
-import type { DeploymentVersionCondition } from "@ctrlplane/validators/releases";
 import type { z } from "zod";
 
 import { logger } from "@ctrlplane/logger";
@@ -98,12 +97,7 @@ export const createPolicyInTx = async (tx: Tx, input: CreatePolicyInput) => {
   if (deploymentVersionSelector != null)
     await tx
       .insert(SCHEMA.policyRuleDeploymentVersionSelector)
-      .values({
-        ...deploymentVersionSelector,
-        policyId: policy.id,
-        deploymentVersionSelector:
-          deploymentVersionSelector.deploymentVersionSelector as DeploymentVersionCondition,
-      })
+      .values({ ...deploymentVersionSelector, policyId: policy.id })
       .onConflictDoUpdate({
         target: [SCHEMA.policyRuleDeploymentVersionSelector.id],
         set: buildConflictUpdateColumns(
diff --git a/packages/db/src/policies/update.ts b/packages/db/src/policies/update.ts
index f4ec19626..ac7b2edd1 100644
--- a/packages/db/src/policies/update.ts
+++ b/packages/db/src/policies/update.ts
@@ -1,4 +1,3 @@
-import type { DeploymentVersionCondition } from "@ctrlplane/validators/releases";
 import { eq } from "drizzle-orm";
 
 import { logger } from "@ctrlplane/logger";
@@ -74,12 +73,7 @@ const updateDeploymentVersionSelector = async (
 
   await tx
     .insert(SCHEMA.policyRuleDeploymentVersionSelector)
-    .values({
-      ...deploymentVersionSelector,
-      policyId,
-      deploymentVersionSelector:
-        deploymentVersionSelector.deploymentVersionSelector as DeploymentVersionCondition,
-    })
+    .values({ ...deploymentVersionSelector, policyId })
     .onConflictDoUpdate({
       target: [SCHEMA.policyRuleDeploymentVersionSelector.policyId],
       set: buildConflictUpdateColumns(
diff --git a/packages/db/src/schema/policy.ts b/packages/db/src/schema/policy.ts
index 336fcefeb..311db3de1 100644
--- a/packages/db/src/schema/policy.ts
+++ b/packages/db/src/schema/policy.ts
@@ -17,9 +17,18 @@ import {
 import { createInsertSchema } from "drizzle-zod";
 import { z } from "zod";
 
-import { deploymentCondition } from "@ctrlplane/validators/deployments";
-import { environmentCondition } from "@ctrlplane/validators/environments";
-import { resourceCondition } from "@ctrlplane/validators/resources";
+import {
+  deploymentCondition,
+  isValidDeploymentCondition,
+} from "@ctrlplane/validators/deployments";
+import {
+  environmentCondition,
+  isValidEnvironmentCondition,
+} from "@ctrlplane/validators/environments";
+import {
+  isValidResourceCondition,
+  resourceCondition,
+} from "@ctrlplane/validators/resources";
 
 import type { policyRuleDeploymentVersionSelector } from "./rules/deployment-selector.js";
 import { releaseTarget } from "./release.js";
@@ -94,9 +103,21 @@ const policyInsertSchema = createInsertSchema(policy, {
 
 const policyTargetInsertSchema = createInsertSchema(policyTarget, {
   policyId: z.string().uuid(),
-  deploymentSelector: deploymentCondition.nullable(),
-  environmentSelector: environmentCondition.nullable(),
-  resourceSelector: resourceCondition.nullable(),
+  deploymentSelector: deploymentCondition
+    .nullable()
+    .refine(
+      (selector) => selector == null || isValidDeploymentCondition(selector),
+    ),
+  environmentSelector: environmentCondition
+    .nullable()
+    .refine(
+      (selector) => selector == null || isValidEnvironmentCondition(selector),
+    ),
+  resourceSelector: resourceCondition
+    .nullable()
+    .refine(
+      (selector) => selector == null || isValidResourceCondition(selector),
+    ),
 }).omit({ id: true });
 
 // Export schemas and types
diff --git a/packages/db/src/schema/rules/deployment-selector.ts b/packages/db/src/schema/rules/deployment-selector.ts
index 47af9e815..46fc8dfef 100644
--- a/packages/db/src/schema/rules/deployment-selector.ts
+++ b/packages/db/src/schema/rules/deployment-selector.ts
@@ -3,6 +3,11 @@ import { jsonb, pgTable, text, uuid } from "drizzle-orm/pg-core";
 import { createInsertSchema } from "drizzle-zod";
 import { z } from "zod";
 
+import {
+  deploymentVersionCondition,
+  isValidDeploymentVersionCondition,
+} from "@ctrlplane/validators/releases";
+
 import { policy } from "../policy.js";
 
 export const policyRuleDeploymentVersionSelector = pgTable(
@@ -28,5 +33,10 @@ export const policyRuleDeploymentVersionSelector = pgTable(
 
 export const createPolicyRuleDeploymentVersionSelector = createInsertSchema(
   policyRuleDeploymentVersionSelector,
-  { policyId: z.string().uuid() },
+  {
+    policyId: z.string().uuid(),
+    deploymentVersionSelector: deploymentVersionCondition.refine(
+      isValidDeploymentVersionCondition,
+    ),
+  },
 ).omit({ id: true });