Native macOS App PostgreSQL & MySQL

Who has access to
your production database
right now?

AccessVault gives you a complete picture of every privilege, role, and permission across your databases — and flags exactly what needs to change before your next audit.

Free tier available macOS 13+ No cloud required SSH tunnel support
AccessVault — production-db.company.com
Database Users 14 users
Privilege Analysis Export
PO
SU
AP
!
AN
RO
MI
RW
RP
RW
BK
RO
AP
app_user
% · prod-postgres
Over-provisioned: DELETE on 3 schemas unused in 90 days. Revoke
Schema Privileges
public SELECT INSERT UPDATE DELETE
billing SELECT INSERT UPDATE DELETE
audit_log SELECT
Role Attributes
LOGIN INHERIT SUPERUSER REPLICATION BYPASSRLS CONNECT LIMIT 50
PostgreSQL 12–17
MySQL 5.7 & 8.x
SSH Tunnel (key & password)
macOS Keychain credential storage
Complements TablePlus, DataGrip, DBeaver
The Problem

Access control is broken in most teams

Database permissions accumulate like technical debt. No one removes access when someone changes teams. No one checks if that service account really needs INSERT on the billing schema.

01
Can you name every user with SUPERUSER?
Most teams can't answer this in under 10 minutes. AccessVault shows you in 3 seconds.
02
When was that privilege last used?
Granted once, forgotten forever. Privilege Analysis compares granted vs. actual usage to surface dead weight.
03
Will you pass your SOC 2 audit?
27 automated checks. Instant readiness score. Export to PDF for your auditor — not a spreadsheet you assembled by hand.
04
Can your AI assistant see your credentials?
With the MCP integration, your AI tools query the database through AccessVault — never seeing your password or SSH keys.
Features

Everything a security-conscious DBA needs

Built for the intersection of database operations and security compliance — not a general-purpose client.

User & Privilege Management
A complete view of every database user, their role attributes, schema-level privileges, and where those privileges originate — direct, inherited, or via PUBLIC.
  • Role attributes: superuser, bypassRLS, replication, connection limits, expiry
  • Per-schema privilege editor with visual grant/revoke
  • Privilege source attribution — direct, role inheritance, PUBLIC
  • Privilege Analysis: compare granted vs. actual query usage
  • One-click revocation of unused or over-provisioned access
Real-time Performance Monitoring
Live metrics that matter for database health — cache efficiency, lock contention, table bloat, and the slow queries dragging down your p99 latency.
  • Cache hit ratios & transaction throughput
  • Lock summaries with blocked connection detection
  • Table health: dead tuples, vacuum status, bloat
  • Index efficiency and unused index analysis
  • Slow query tracking with execution plans
Audit Readiness Scanner
27 automated security checks across authentication, privilege scope, encryption, logging, and network exposure — mapped to the compliance frameworks your auditors actually use.
  • SOC 2, HIPAA, PCI-DSS v4.0, GDPR, CIS Benchmarks
  • Severity-weighted readiness scoring
  • Remediation guidance with copy-ready SQL fixes
  • PDF and CSV export for auditors
  • Scheduled scans (Team/Enterprise)
Native macOS Experience
Built with SwiftUI from the ground up — not a web app in a wrapper. Responds like a native app, integrates with macOS Keychain, and respects the platform you work on.
  • SSH tunnel support: key-based and password auth
  • macOS Keychain for all credentials — nothing on disk
  • Connection color coding for environment awareness
  • Inspector panels, disclosure groups, native conventions
  • Lightweight — no Electron, no JVM, no background sync
Unique to AccessVault

Safe AI access to your database

Your AI assistant can query your database — without ever seeing your connection string, password, or SSH keys. You control exactly which columns and tools are exposed.

Interactive — toggle columns to control what AI can see
Schema Access Matrix — users 4 visible 3 blocked
Column Type Status
AI Query Result
claude: SELECT * FROM users LIMIT 3
Watch — describe a query, AI generates a safe parameterized tool
AI Tool Generator
Analyzing schema & generating tool…
get_high_value_orders Needs Review
SELECT order_id, customer, amount, status
FROM orders
WHERE amount > $1 AND created_at > $2
ORDER BY amount DESC
$1: min_amount (numeric) $2: since_date (date)
get_table_schema
Column names and types for a table
Active
get_slow_queries
Queries exceeding duration threshold
Active
list_active_connections
Current database connections and states
Active
get_index_usage
Index scan counts and efficiency stats
Active
+ Next tool will appear here
Replay animation
Localhost Only
Binds to 127.0.0.1 — never network exposed
Query Catalog
AI calls approved operations — not raw SQL
Token Auth + Audit
Every request is authenticated and logged
Schema Drift
Alerts when AI schema diverges from baseline
Audit Readiness

Built for the frameworks that matter

27 automated checks. A readiness score you can show your auditor. Export to PDF in one click.

SOC 2
Type II ready
HIPAA
Access controls
PCI-DSS v4.0
Req. 7, 8, 10
GDPR
Data access audit
CIS Benchmarks
PostgreSQL & MySQL
27
Automated security checks
5
Compliance categories
1
Click to export PDF for auditors
8
Authentication & Access
6
Privilege Scope
5
Encryption & Transport
5
Audit Logging
3
Network Exposure
Pricing

Start free. Scale when you need to.

No per-database fees. No usage limits on queries. Just a flat rate for the capabilities you need.

Free
$0
Forever free
  • 1 database connection
  • Overview dashboard
  • Table & schema browsing
  • View-only user list
  • SSH tunnel support
  • Privilege editing
  • Audit scanner
  • Performance monitoring
  • API & MCP server
Team
$ 29 /seat/mo
Billed annually
  • Everything in Pro
  • Shared connection library
  • Role & privilege templates
  • Approval workflows
  • Team audit log
  • Slack & Teams notifications
  • Scheduled audit scans
  • SSO / SAML
  • CI/CD API
Enterprise
$ 99 /seat/mo
Custom volume pricing
  • Everything in Team
  • SSO / SAML integration
  • Just-in-time (JIT) access
  • CI/CD API for IaC pipelines
  • Scheduled audit scans
  • Immutable audit log
  • Priority support & SLA
  • Custom compliance mappings
  • Dedicated onboarding