Controlling who can create or modify branches in a repository is a critical part of maintaining code quality and workflow discipline — especially in large teams or regulated environments.
Bitbucket Cloud provides a powerful mechanism for managing this via Branch Permissions. But what if you want to allow a pattern, like release/*, but exclude a specific branch, say release/1.3.0?
Let’s explore how Bitbucket lets you do just that.
Let’s say your team wants to only allow branches that follow these patterns:
main
test/*
release/*, but NOT release/1.3.0 (which may be locked for production reasons)
Here’s how you can implement this:
Deny All by Default
Create a rule for pattern * (wildcard) and set:
No Write access
No Pull Request Merge access
This prevents branch creation/merging unless explicitly allowed by other rules.
Allow Specific Branches
Create branch permission rules for:
main → Allow Write & Merge (for desired users/groups)
test/* → Allow Write & Merge
release/* → Allow Write & Merge with exclusion for release/1.3.0
This is where Bitbucket gets smart.
You can exclude a specific branch from a pattern using this syntax:
release*|!release/1.3.0
This tells Bitbucket:
Match all branches starting with
release, exceptrelease/1.3.0.
So your permission rule would apply to:
✅ release/3.0.0
✅ release/patch
❌ release/1.3.0 (explicitly excluded)
This is extremely useful for cases where a particular release branch needs to be frozen or handled by a separate process.
If you define both specific and wildcard rules (e.g., one for main, one for *), Bitbucket evaluates both. In such cases:
The most specific rule wins
If a user is allowed in either rule, they may still gain access
Here’s an example:
Wildcard ( | Specific ( | Result |
|---|---|---|
No users | Allu | ✅ Only Allu has access |
Everybody | Allu | ✅ Only Allu has access |
Allu | Arjun | ✅ Both Allu and Arjun have access |
Branch permissions in Bitbucket are essential for managing team workflows, and the ability to exclude specific branches using the ! operator gives you precise control.
Use patterns like:
release*|!release/1.3.0
…to enforce nuanced rules — such as protecting a hotfix or production branch from unintended changes — while still allowing flexible development around it.