Connecting Claude to Your Database (Postgres, Snowflake)
Set up database MCPs with safety rails — read-only access, query timeouts, and sensitive data handling.
Access to the Source of Truth
GA4 gives you website analytics. BigQuery gives you event-level data. But your product database — Postgres, Snowflake, MySQL — is where the real business data lives. Subscription status, user behavior, revenue, churn, feature adoption. This is the source of truth that every business question ultimately traces back to.
Connecting Claude to your database is the most powerful MCP setup you'll build. It's also the one that requires the most care. In this lesson, we'll set up Postgres access with proper safety rails so you can ask Claude business questions and get answers from live production data.
Safety First: The Rules
Before we connect anything, let's establish the non-negotiable safety rules for database MCPs:
- Read-only access only — The database user Claude connects with must have SELECT permissions only. No INSERT, UPDATE, DELETE, or DDL commands.
- Query timeouts — Set a statement timeout (30 seconds is a good default) to prevent runaway queries from overwhelming your database.
- Limited schema access — Only grant access to the specific tables and views Claude needs. Don't expose your entire database schema.
- Row limits — Configure the MCP to cap result sets at 1,000 rows. Claude doesn't need to pull your entire users table to answer a question.
Setting Up Postgres MCP
First, create a read-only database user. Connect to your Postgres instance and run:
-- Create a read-only user for Claude MCP
CREATE USER claude_readonly WITH PASSWORD 'your_secure_password';
-- Grant connect permission
GRANT CONNECT ON DATABASE your_database TO claude_readonly;
-- Grant usage on the schema
GRANT USAGE ON SCHEMA public TO claude_readonly;
-- Grant SELECT on all existing tables
GRANT SELECT ON ALL TABLES IN SCHEMA public TO claude_readonly;
-- Grant SELECT on future tables too
ALTER DEFAULT PRIVILEGES IN SCHEMA public
GRANT SELECT ON TABLES TO claude_readonly;
-- Set a statement timeout to prevent runaway queries
ALTER USER claude_readonly SET statement_timeout = '30s';Now add the Postgres MCP to your Claude Desktop configuration:
{
"postgres": {
"command": "npx",
"args": ["-y", "@anthropic/mcp-postgres"],
"env": {
"DATABASE_URL": "postgresql://claude_readonly:your_secure_password@your-host:5432/your_database",
"MAX_ROWS": "1000"
}
}
}Asking Business Questions
With the database connected, you can ask Claude business questions in plain English and it will write the SQL, execute it, and present the results:
Claude writes a multi-step SQL query against your production database and presents a funnel analysis with conversion rates.
Analyze our trial-to-paid conversion funnel. Show me the conversion rate at each step: signup → email verified → onboarding completed → first action taken → subscription started. Break it down by signup source.
Handling Sensitive Data
Your database likely contains personally identifiable information (PII) — email addresses, names, phone numbers, payment details. Even though MCP runs locally and data doesn't leave your machine, you should still be thoughtful about what Claude sees. Create database views that exclude PII columns, or use Postgres row-level security to limit what the read-only user can access.
Connect Claude to a database and ask your first business question.
Set up a read-only Postgres user using the SQL above, configure the MCP, and ask Claude: 'What percentage of users who signed up last month have logged in at least 3 times this week?'
Get weekly job alerts
Curated marketing analytics roles — delivered every Monday.