# Migratrix

> Migratrix is a Database DevOps platform that gives engineering teams a safe, structured, and fully auditable way to promote database changes from DEV to PROD. It replaces manual SQL scripts, Slack approval threads, spreadsheet checklists, and ad-hoc rollback plans with a single integrated workflow — exploration, migration pipelines, schema comparison, data transfer, GitOps, and AI-assisted SQL, all in one platform.

Migratrix was built by engineers who spent years managing migrations across dozens of environments and watching the same preventable incidents happen over and over. The founding incident: a schema change applied to staging three times but missing a column in production. The root cause was completely preventable — the tooling just wasn't there.

**Website:** https://migratrix.com
**Sign in / app:** https://migratrix.com/login
**Sales:** sales@migratrix.com
**Security:** security@migratrix.com
**Legal / DPA:** legal@migratrix.com
**LinkedIn:** https://www.linkedin.com/company/migratrix

---

## Pages

- [Home](https://migratrix.com/): Platform overview, pipeline demo, feature grid, GitOps flow, stats, FAQ.
- [Features](https://migratrix.com/features): Full detail on all six platform capabilities with interactive previews.
- [Plans](https://migratrix.com/plans): Pricing tiers with feature comparison, per-plan use case descriptions, and FAQ.
- [Docs](https://migratrix.com/docs): Agent installation, GitOps setup, migration flow concepts, SSO/SAML, audit exports, database version support.
- [About](https://migratrix.com/about): Mission, founding story, target customers, values, and contact.
- [Roadmap](https://migratrix.com/roadmap): Shipped features, Q3–Q4 2026 backlog, and 2027+ vision.
- [Security](https://migratrix.com/security): Full security program documentation — data protection, encryption, agent security, RBAC, incident response, compliance.
- [Terms](https://migratrix.com/terms): Terms of Service.
- [Privacy](https://migratrix.com/privacy): Privacy Policy.

---

## The Problem Migratrix Solves

Every engineering team eventually hits the same wall: a database change is ready, but getting it from development to production safely takes hours of coordination. The typical workflow is fragile:

- Developers paste SQL into a Slack channel
- A senior engineer reviews it manually
- Someone SSHs into production and runs it
- A rollback plan is "we'll figure it out if something breaks"
- Two weeks later you discover staging and prod have drifted

One wrong step triggers a 2am incident. One missed approval creates a compliance gap. One forgotten rollback means a multi-hour recovery.

Migratrix makes this entire process invisible: exploration, drift detection, automated comparisons, multi-party approvals, rollback scripts, cross-environment promotion — unified in a single auditable workflow that your team can trust every time.

**Measured impact:** 3× faster environment promotions. 15 hours per week saved per team. 24h business SLA on paid plans.

---

## Key Concepts

- **Workspace**: A logical container for your environments, database connections, users, roles, and flows. Organizations have one or more workspaces (e.g. one per product or team).
- **Environment**: DEV, QA, PROD, Staging, or any named environment. Each has its own RBAC policy, approval requirements, and database connections.
- **Flow**: A named pipeline defining the path a migration takes between environments in order. Example: DEV → QA → PROD. Each step has its own approvals, connections, and execution policy.
- **Migration**: A versioned SQL change with an up script (apply) and an optional down script (rollback). Has full lifecycle status tracking per environment.
- **Agent**: A lightweight process deployed inside your network that executes operations against your databases. The platform never connects to your databases directly — only the agent does.

---

## Platform Capabilities

### 1. Explorer — Safe Database Access for Your Whole Team

Browse tables, run queries, and manage day-to-day database work with environment-aware guardrails that match each person's role.

**Why teams love it:** Developers get fast, safe access to production data for debugging — without needing direct DB credentials. DBAs can enforce read-only defaults on PROD while allowing full CRUD on DEV. Every action is logged so there are no surprises at audit time.

- PROD defaults to **read-only**; write access requires an explicit permission grant per environment
- **Environment RBAC**: Admin / Editor / Viewer roles applied independently per environment — a developer can be Editor on DEV and Viewer on PROD simultaneously
- **Column masking**: Hide PII fields (emails, SSNs, phone numbers) from users who don't need them, without schema changes
- **Full audit trail**: every query, every row edit, every login — who did what, in which environment, at what time, with SQL digest
- **Inline SQL editor** with syntax highlighting, query history, and multi-statement support
- **AI Query Generator**: describe what you need in plain English and get production-ready SQL instantly. Every generated query is automatically analyzed for risk with a Low → Medium → High → Critical score and inline warnings for destructive operations (DROP TABLE, DELETE without WHERE, TRUNCATE)
- **Safe CRUD**: Create, read, update, and delete rows — PROD enforces read-only by default, edits require explicit permission

### 2. Migration Flow — Structured Pipelines from DEV to PROD

Model your full deployment pipeline with approvals at each stage, pre-flight validation, live execution logs, and auto-generated rollback scripts.

**Why teams love it:** No more copy-paste SQL, no more SSH into production, no more manual handoffs. One person writes the migration, it flows through the configured stages, gets reviewed by the right people, and rolls forward or back with one click.

- **Click-to-promote**: run on DEV, promote upstream with a single approval step — no SSH, no scripts
- **Single or multi-party approvals** per stage: require N approvers before a migration can run on QA or PROD
- **Configurable minimum approvals**: e.g. "require 2 of 4 approvers to unblock PROD"
- **Approval lifecycle**: Queued → Pending → InProgress → Completed / Failed / Rejected — every transition logged
- **Pre-flight validation** before each execution: destructive operations flagged, syntax validated, schema impact analyzed
- **Auto-generated rollback (down) scripts**: every migration ships with a pre-generated down script. A bad deploy is a one-click fix, not a 2am recovery session
- **Live execution logs**: real-time streaming of migration progress, statement by statement, with timing and status
- **Recovery support**: interrupted migrations can be resumed or rolled back without manual intervention
- **Any number of environments**: DEV → QA → Staging → PROD → Canary — flows support any pipeline shape
- **Multiple databases per environment**: supports multi-tenant and multi-database setups in a single flow
- **Manual + GitOps modes**: flows can be driven manually from the UI or automatically from a connected Git repository

**Migration lifecycle states:**

- `Queued` — waiting for the previous environment to complete
- `Pending` — ready to execute; stays here until required approvals are met
- `InProgress` — execution running on the database
- `Completed` — successfully executed
- `Failed` — execution failed; can be retried or rolled back
- `Rejected` — approval was rejected by a reviewer

### 3. Compare & Sync — Eliminate Schema and Data Drift

Instantly see what differs between any two environments and generate the scripts to fix it — before it causes a production incident.

**Why teams love it:** Schema drift is invisible until it causes an outage. Migratrix makes it visible on demand. Teams who run regular drift checks catch missing columns, renamed indexes, and diverged stored procedures weeks before they break something in production.

- **Schema diff**: compare tables, views, indexes, constraints, stored procedures, and functions between any two environments — even across different database engines
- **Human-readable diffs**: structured output that filters noise and highlights what actually changed, not a raw SQL dump
- **Row-level data diff**: compare selected datasets between source and target — see exactly which rows were inserted, updated, or deleted
- **Generate idempotent sync scripts**: one click produces an order-safe, reversible script to align target with source
- **Cross-engine comparison**: diff a MySQL schema against a Postgres schema — Migratrix understands the dialect differences
- **Filter noise**: ignore auto-generated indexes, whitespace, and collation differences to focus on meaningful changes

### 4. Data Transfer — Reliable Data Moves Across Any Engine

Move data between environments and across engine types with automatic type mapping, batching, scheduling, and fault tolerance.

**Why teams love it:** Refreshing staging with production data used to mean writing a custom ETL script, babysitting it overnight, and debugging encoding issues. Migratrix handles same-engine copies and cross-engine migrations with a few clicks and runs them on a schedule.

- **Same-engine transfers**: MySQL → MySQL, Postgres → Postgres — fast, with progress tracking and resumable runs
- **Cross-engine transfers**: MySQL → Postgres, SQL Server → MySQL, and more — automatic type mapping handles dialect differences
- **Optimized batching**: configurable batch sizes for large tables; avoids locking and memory pressure
- **Scheduling**: set up recurring transfers (nightly staging refresh, hourly sync jobs)
- **Auto-retry on failure**: failed transfers resume from where they stopped without re-transferring already-moved rows
- **Safety checks before transfer**: schema compatibility validation and available disk space check before any data moves
- **Per-job logs and metrics**: detailed transfer history with row counts, timing, and error details

### 5. GitOps Integration — Migrations as Code in Your Repository

Store every migration as a SQL file in your GitHub or GitLab repository. Migratrix auto-creates PRs, syncs on merge, and tracks which migrations are applied per environment.

**Why teams love it:** Migrations live next to application code in the same repository, go through the same code review process, and have the same history and blame. No separate migration tool to manage — the Git repository is the source of truth.

**Workflow A — Push to apply:**

1. Create a `.sql` or `.migration` file in your configured migration path
2. Push to the repository
3. Migratrix detects the commit via webhook and creates a migration automatically
4. If auto-execute is enabled on the first environment and no approval is required, the migration runs immediately on DEV

**Workflow B — Create from UI:**

1. Write the migration in Migratrix's SQL editor
2. Click **Create PR** — Migratrix creates a branch (`migration-{timestamp}-{slug}`), commits the file, and opens a pull request to your base branch
3. Review and merge the PR in GitHub or GitLab
4. On merge, Migratrix syncs the file and queues the migration for execution

**Migration file format:**

```sql
-- UP
ALTER TABLE users ADD COLUMN last_seen TIMESTAMPTZ;
CREATE INDEX idx_users_last_seen ON users (last_seen);

-- DOWN
DROP INDEX IF EXISTS idx_users_last_seen;
ALTER TABLE users DROP COLUMN last_seen;
```

Files without `-- UP` / `-- DOWN` markers are treated as up-only scripts.

- **Supported providers**: GitHub and GitLab with webhook-based real-time sync
- **Configurable migration path**: point to any directory in your repository (e.g. `migrations/`, `db/`, `/`)
- **Applied migration tracking**: Migratrix never runs the same migration file twice in the same environment
- **GitOps changes view**: track all PR creation, sync status, import events, and errors in one place
- **File deletion handling**: if a file is deleted before execution, the migration is removed; if already executed, it is archived with a `[ARCHIVED]` prefix

### 6. Risk Assessment — Know What You're Running Before It Runs

Every migration script is automatically analyzed before execution to surface impact, risk, and best-practice violations.

**Why teams love it:** Junior developers get guardrails. Senior engineers get confidence. Compliance teams get documentation. Risk assessment is not a gate — it is information that makes the right decision obvious before anything touches production data.

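The `-- UP` / `-- DOWN` file format above, combined with the destructive operations this page flags (`DROP TABLE`, `TRUNCATE`, `DELETE`/`UPDATE` without `WHERE`), as an added example of a pre-merge check a repository could run. It is not Migratrix's analyzer; the function and rule names are hypothetical, and the splitter assumes standard SQL quoting only (no dollar-quoted strings or `DELIMITER` blocks).

```javascript
// Added example, not Migratrix code: a pre-merge lint for migration files in
// the "-- UP" / "-- DOWN" format. Rule names below are hypothetical.

// Split a file into up and down scripts. Content before any marker counts as
// "up", so a file without markers is an up-only script, as the page states.
// Assumption: a marker is a line holding only "-- UP" or "-- DOWN".
function parseMigration(text) {
  const parts = { up: [], down: [] };
  let current = 'up';
  for (const line of text.split(/\r?\n/)) {
    const marker = /^\s*--\s*(UP|DOWN)\s*$/.exec(line);
    if (marker) current = marker[1].toLowerCase();
    else parts[current].push(line);
  }
  const up = parts.up.join('\n').trim();
  const down = parts.down.join('\n').trim();
  return { up, down, upOnly: down === '' };
}

// Split SQL on ';' outside quotes and comments. Each statement is returned as
// written (text) and with quoted content blanked (bare), so a keyword or a
// semicolon inside a literal is never mistaken for SQL.
// Not handled: PostgreSQL dollar-quoted strings, MySQL DELIMITER blocks.
function splitStatements(sql) {
  const statements = [];
  let text = '';
  let bare = '';
  const flush = () => {
    if (bare.trim()) statements.push({ text: text.trim(), bare: bare.trim() });
    text = '';
    bare = '';
  };
  for (let i = 0; i < sql.length; ) {
    const ch = sql[i];
    const two = sql.slice(i, i + 2);
    if (two === '--') {                      // line comment: skip to end of line
      const eol = sql.indexOf('\n', i);
      i = eol === -1 ? sql.length : eol;
    } else if (two === '/*') {               // block comment: skip it
      const close = sql.indexOf('*/', i + 2);
      i = close === -1 ? sql.length : close + 2;
    } else if (ch === "'" || ch === '"') {   // string literal or quoted identifier
      let j = i + 1;
      while (j < sql.length && !(sql[j] === ch && sql[j + 1] !== ch)) {
        j += sql[j] === ch ? 2 : 1;          // a doubled quote is an escape
      }
      text += sql.slice(i, j + 1);
      bare += ch + ch;
      i = j + 1;
    } else if (ch === ';') {
      flush();
      i++;
    } else {
      text += ch;
      bare += ch;
      i++;
    }
  }
  flush();
  return statements;
}

// Destructive operations named on the page, tested against the blanked text.
const RULES = [
  { rule: 'drop-table', test: (s) => /^DROP\s+TABLE\b/i.test(s) },
  { rule: 'truncate', test: (s) => /^TRUNCATE\b/i.test(s) },
  { rule: 'delete-without-where',
    test: (s) => /^DELETE\b/i.test(s) && !/\bWHERE\b/i.test(s) },
  { rule: 'update-without-where',
    test: (s) => /^UPDATE\b/i.test(s) && !/\bWHERE\b/i.test(s) },
];

// Lint both sections; the section is reported so a reviewer can tell an
// expected DROP in a down script from an unexpected one in an up script.
function lintMigration(text) {
  const migration = parseMigration(text);
  const findings = [];
  for (const section of ['up', 'down']) {
    for (const stmt of splitStatements(migration[section])) {
      for (const { rule, test } of RULES) {
        if (test(stmt.bare)) findings.push({ section, rule, statement: stmt.text });
      }
    }
  }
  return { upOnly: migration.upOnly, findings };
}

// Constructed sample: the page's column change plus statements added to
// exercise the rules (a keyword in a comment, "where" and ";" inside literals).
const SAMPLE = `-- UP
ALTER TABLE users ADD COLUMN last_seen TIMESTAMPTZ;
-- backfill; DROP TABLE appears only in this comment
UPDATE users SET note = 'set where needed';
DELETE FROM sessions WHERE token = 'a;b';
TRUNCATE audit_tmp;
-- DOWN
ALTER TABLE users DROP COLUMN last_seen;`;

console.log(JSON.stringify(lintMigration(SAMPLE), null, 2));
```

Run in CI with a non-zero exit when `findings` is non-empty and the pull request lacks an explicit acknowledgement, so the destructive statement is seen at review time rather than at approval time.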
**Flagged automatically:**

- Destructive operations: `DELETE`/`UPDATE` without a `WHERE` clause, `DROP TABLE`, `TRUNCATE`
- Schema problems: unknown tables or columns, unsupported data types, syntax errors, missing `PRIMARY KEY`, unclosed quotes or parentheses
- Application impact: detects columns, tables, and APIs that application code currently depends on — shows impact before execution
- Best-practice hints: `SELECT *`, missing `LIMIT`, implicit cartesian joins, `NOT NULL` without `DEFAULT`, duplicate column names, risky renames

**Risk levels**: Low → Medium → High → Critical — color-coded per script, per operation, with inline annotations

---

## Supported Databases

### Currently Supported (Live)

| Database | Supported Versions | Notes |
|---|---|---|
| **PostgreSQL** | 12, 13, 14, 15, 16+ | Dollar-quoted strings, materialized views, array types, JSONB, sequences |
| **MySQL** | 5.6, 5.7, 8.0, 8.1+ | DELIMITER support for stored procedures and functions, auto_increment |
| **MariaDB** | 10.0.24+ through 11.4+ | Full MySQL protocol compatibility |
| **SQL Server** | 2012 SP4+, 2014 SP3+, 2016 SP2+, 2017, 2019, 2022, Azure SQL, Azure SQL Managed Instance | GO batch separators, WITH NOCHECK for FK constraints, IDENTITY_INSERT |
| **ClickHouse** | 20.3, 21, 22, 23, 24+ | HTTP (port 8123) and Native protocol (ports 9000–9010); no transaction support (DB limitation) |
| **SQLite** | 3.7+ (all modern versions through 3.45+) | PRAGMA commands, attached databases, file-based storage |
| **Oracle** | 11g R2 (limited), 12c, 18c, 19c, 21c, 23c | PL/SQL blocks, PDB support (12c+), sequences, synonyms; 11g has limited multi-database support |

### Coming in Q3–Q4 2026

- **Snowflake**: warehouses, stages, secure views, schema diff, promotion workflows
- **MongoDB**: ETL and pipeline workflows (not DDL-style)
- **BigQuery, Redshift, DynamoDB, Cassandra, Redis**: coverage expansion

---

## Agent — Runs Inside Your Network

The Migratrix Agent is a lightweight process that runs inside your infrastructure. It is the only component that ever touches your databases. The Migratrix cloud platform sends instructions; the agent executes them and returns results. Your data never crosses to Migratrix servers.

**Architecture:**

- Agents establish **outbound-only TLS connections** to Migratrix — no inbound ports required, no firewall rule changes
- All **database credentials are stored locally on the agent machine**, encrypted with **AES-GCM (AES-256) with PBKDF2 key derivation (SHA-256, 200,000 iterations)** — Migratrix never has access to raw credential data
- Agents authenticate with short-lived workspace tokens scoped to your organization and environment
- The Migratrix backend never connects directly to your databases — the agent is the exclusive executor

**Installation — one command per platform:**

Docker:

```bash
docker run -d \
  --name migratrix-agent \
  --restart unless-stopped \
  -e MIGRATRIX_API_KEY="" \
  -e MIGRATRIX_DIR=/data/migratrix \
  -p 4002:4002 \
  -v migratrix-agent-data:/data/migratrix \
  ghcr.io/code-fighter-labs/migratrix-agent:latest
```

Linux (one-liner):

```bash
curl -sSL https://github.com/code-fighter-labs/homebrew-tap/releases/latest/download/install.sh | sh && \
  migratrix-agent --apiKey ""
```

macOS (Homebrew):

```bash
brew tap code-fighter-labs/tap && brew install migratrix-agent && \
  migratrix-agent --apiKey ""
```

Windows (PowerShell):

```powershell
iwr https://github.com/code-fighter-labs/homebrew-tap/releases/latest/download/install.ps1 | iex
migratrix-agent --apiKey ""
```

**Deployment options:**

- Linux: systemd service for automatic restart and boot persistence
- Windows: Windows Service registration via NSSM or `sc.exe`
- Docker: volume-persisted with `--restart unless-stopped`
- Kubernetes: standard Deployment or DaemonSet

**Observability:** The agent can collect server metrics (CPU, memory, disk I/O) for supported engines and expose Prometheus metrics — forward to your existing observability stack.

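The credential storage scheme named under Architecture above (AES-GCM with a 256-bit key derived by PBKDF2, SHA-256, 200,000 iterations), as an added example in Node.js. It is not the agent's code: the passphrase source, the blob layout (version, salt, nonce, tag, ciphertext) and the use of the connection name as associated data are assumptions.

```javascript
// Added example, not the Migratrix agent's code. Parameters named on the page:
// AES-GCM with a 256-bit key, PBKDF2 with SHA-256 and 200,000 iterations.
// Assumptions: passphrase source, blob layout, context string used as AAD.
const { pbkdf2Sync, randomBytes, createCipheriv, createDecipheriv } =
  require('node:crypto');

const ITERATIONS = 200000; // from the page
const KEY_LEN = 32;        // 256-bit AES key
const SALT_LEN = 16;       // assumption: 128-bit random salt per blob
const IV_LEN = 12;         // 96-bit nonce, the standard GCM size
const TAG_LEN = 16;        // 128-bit authentication tag
const VERSION = 1;         // assumption: one-byte format version

function deriveKey(passphrase, salt) {
  return pbkdf2Sync(passphrase, salt, ITERATIONS, KEY_LEN, 'sha256');
}

// Encrypt one secret. A fresh salt and nonce per call means the same password
// never produces the same blob, and a (key, nonce) pair is never reused.
// `context` (for example "prod/orders-db") is authenticated but not encrypted,
// so a blob moved to a different connection record fails to open.
function sealCredential(passphrase, context, secret) {
  const salt = randomBytes(SALT_LEN);
  const iv = randomBytes(IV_LEN);
  const cipher = createCipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  cipher.setAAD(Buffer.from(context, 'utf8'));
  const body = Buffer.concat([cipher.update(secret, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  return Buffer.concat([Buffer.from([VERSION]), salt, iv, tag, body])
    .toString('base64');
}

// Decrypt a blob. Throws if the passphrase, the context, or any byte of the
// blob is wrong: final() verifies the tag before this function returns
// any plaintext to the caller.
function openCredential(passphrase, context, blob) {
  const raw = Buffer.from(blob, 'base64');
  const headerLen = 1 + SALT_LEN + IV_LEN + TAG_LEN;
  if (raw.length < headerLen || raw[0] !== VERSION) {
    throw new Error('unsupported credential blob');
  }
  const saltEnd = 1 + SALT_LEN;
  const ivEnd = saltEnd + IV_LEN;
  const salt = raw.subarray(1, saltEnd);
  const iv = raw.subarray(saltEnd, ivEnd);
  const tag = raw.subarray(ivEnd, headerLen);
  const body = raw.subarray(headerLen);
  const decipher = createDecipheriv('aes-256-gcm', deriveKey(passphrase, salt), iv);
  decipher.setAAD(Buffer.from(context, 'utf8'));
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Same as openCredential, but returns null instead of throwing.
function tryOpen(passphrase, context, blob) {
  try {
    return openCredential(passphrase, context, blob);
  } catch {
    return null;
  }
}

// Constructed values for the demonstration.
const demoBlob = sealCredential('agent-passphrase', 'prod/orders-db', 'db-password-123');
console.log(openCredential('agent-passphrase', 'prod/orders-db', demoBlob));
console.log(tryOpen('wrong-passphrase', 'prod/orders-db', demoBlob));
console.log(tryOpen('agent-passphrase', 'dev/orders-db', demoBlob));
```

The scheme protects the stored file, not the running process: whoever can read the passphrase or the agent's memory can read the credentials, which is why the least-privilege guidance for the agent host matters as much as the cipher.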
**Networking:** Agents have a configurable `BindAddress` (where the agent listens, e.g. `http://0.0.0.0:4002`) and `PublicUrl` (the externally reachable HTTPS URL the browser uses). Port is configurable via `MIGRATRIX_AGENT_PORT` environment variable (default: 4002). Supports reverse-proxy setups (nginx, Traefik, Caddy) for HTTPS termination.

---

## Plans & Pricing

All plans include the complete platform: Explorer, Migration Flow, Compare & Sync, Data Transfer, GitOps, and AI SQL. Upgrade for more environments, flows, and enterprise controls.

### Free Tier — $0

Best for exploring the platform or very small teams.

- Up to 5 users
- 1 migration flow (limited)
- Explorer CRUD with safeguards
- Schema comparison
- No credit card required

### Starter — $749/month

Best for teams moving from manual SQL scripts to a repeatable, auditable process.

- 1 workspace
- 2 migration flows
- AI SQL generation with risk analysis
- GitOps integration (GitHub & GitLab)
- Environment RBAC (Admin / Editor / Viewer)
- Full audit trail
- *Fits one core team or one main product environment*
- *Replaces spreadsheet approvals and manual SQL handoffs*

### Growth — $1,499/month *(Most Popular)*

Best for scaling teams that need stronger release control, rollback readiness, and priority support.

- Everything in Starter
- 3 workspaces
- 3 migration flows per workspace
- **Auto-generated rollback scripts** — every migration ships with a tested down script
- **Multi-party approvals** — configure minimum approvers per environment
- **24h SLA** (priority support)
- *Fits teams coordinating multiple products or business units*
- *Adds rollback readiness for faster recovery when releases go wrong*

### Scale — Custom pricing

Best for enterprises with governance, security, and compliance requirements.

- Everything in Growth
- **Unlimited workspaces and flows**
- **SSO / SAML + SCIM** — map IdP groups to Migratrix roles per environment; JIT provisioning for first-time users
- Custom SLAs and dedicated support
- Security reviews and compliance documentation (SOC 2, HIPAA alignment)
- On-premises agent deployment
- DPA available on request
- *Fits enterprises with strict access, compliance, or procurement requirements*
- *Works well for central platform teams serving many delivery teams*

Contact: sales@migratrix.com or use the contact form at https://migratrix.com

---

## Security & Compliance

Migratrix was designed from day one for teams who operate in regulated environments. Security is not a layer — it is the architecture.

### Zero Data Retention Principle

- Migratrix does **not** copy, store, or retain your production database data
- All **database credentials and connection secrets** are **encrypted locally on your agent machine** using AES-GCM (AES-256) with PBKDF2 key derivation (SHA-256, 200,000 iterations) — Migratrix never has access to raw credentials
- The platform stores only operational metadata: migration definitions, audit logs, and configuration schemas
- Any transient data transmitted between agents and Migratrix is TLS-encrypted and discarded after processing
- You maintain exclusive custody of your database data and credentials at all times

### Encryption

- **In transit**: TLS 1.2+ for all client ↔ service and service ↔ agent communications
- **At rest**: AES-256 (or cloud provider-managed KMS) for databases, object storage, and backups
- **Key management**: keys are rotated on a defined schedule; production keys are restricted to secure runtime environments

### Access Control

- Fine-grained **RBAC**: Admin, Approver, Developer, Viewer roles with environment-aware scope
- **SSO / SAML** with IdP group mapping and JIT provisioning (Scale plan)
- MFA supported via your identity provider
- Just-in-time credentials via your own secret manager or database-native temporary users

### Audit Trail

- Every action is logged: who did it, what they did, in which environment, at what time, with SQL digest
- Immutable change history — logs cannot be modified or deleted by end users
- **Export audit logs**: CSV or JSON download; stream to your SIEM via webhook integration
- Actionable for SOC 2, HIPAA, and internal change management audits

### Agent Security

- Outbound-only TLS connections — no inbound ports required on your firewall
- Short-lived workspace tokens with environment and organization scope
- Least-privilege model: run the agent with only the OS and database permissions required for enabled operations
- All agent actions logged with correlation IDs for full traceability

### Infrastructure

- Tenant isolation at application and data layers; every request is validated and scoped by workspace
- Firewall and WAF on public edges; automated blocking for abusive patterns
- Continuous SCA/SAST/container scanning; prioritized remediation for high and critical findings
- Periodic third-party penetration testing; remediation tracked to closure
- Multi-AZ infrastructure for critical services; encrypted automated backups with periodic restore tests
- Blameless post-mortems; customer notification without undue delay if a data incident is confirmed

**DPA**: available on request — email legal@migratrix.com
**Responsible disclosure**: security@migratrix.com
**Compliance roadmap**: working toward SOC 2 Type II attestation — contact us for timelines

---

## How to Get Started

Setup takes minutes, not weeks:

1. **Connect your databases** — register DEV, QA, and PROD database connections through the Migratrix UI. Credentials are passed to the agent and encrypted locally; they never touch the platform.
2. **Install the agent** — deploy one agent per network segment with a single command. Available for Linux, macOS, Windows, Docker, and Kubernetes.
3. **Define a flow** — create a pipeline (DEV → QA → PROD), set required approvers per stage, configure RBAC per environment, enable rollback generation.
4. **Write and promote** — write SQL once. Run in DEV, review the schema diff, get approvals, promote to QA and PROD. Rollback scripts are pre-generated.

All connections in a flow must use the same database engine (e.g. all PostgreSQL or all MySQL). For cross-engine scenarios, use Data Transfer or Compare & Sync.

---

## Integrations

| Category | Supported |
|---|---|
| **Databases** | PostgreSQL, MySQL, MariaDB, SQL Server, ClickHouse, SQLite, Oracle |
| **Git providers** | GitHub, GitLab (webhook-based real-time sync) |
| **Authentication** | Email/password, SSO/SAML (Scale), social login |
| **Identity management** | SCIM for user provisioning (Scale) |
| **Observability** | Prometheus metrics export from agent |
| **SIEM / compliance** | Audit log streaming via webhooks; CSV/JSON export |
| **Agent platforms** | Linux (systemd), macOS, Windows (service), Docker, Kubernetes |

---

## Company & Mission

**Mission:** Eliminate the toil and risk that slows engineering teams down when shipping database changes.

**Founded by:** Engineers with deep experience building data platforms and managing migrations across large, heterogeneous database estates. The founders watched the same avoidable mistakes surface repeatedly across organizations of every size — startups shipping fearlessly but without guardrails, enterprises moving slowly but still having incidents, and growth-stage teams where both problems occurred simultaneously.

**The insight:** Existing tools were either too low-level (raw SQL scripts, brittle XML migration files) or too cloud-specific to fit teams running mixed stacks. There was no platform that gave developers, DBAs, and release managers a shared, safe, and auditable workflow without requiring heroics.

**Quote from the founding team:**

> "The best database deployment is one your team doesn't have to think about."

**Values:**

1. **Safety first** — rollback scripts, multi-party approvals, and environment locks are architectural choices, not add-ons
2. **Developer experience** — powerful tooling should be a pleasure to use; interfaces that get out of your way when you need to move quickly
3. **Transparency** — full audit trails, visible diffs, clear approval chains; your team always knows what changed, who approved it, and when
4. **Customer obsession** — we onboard alongside customers, gather feedback directly, and ship improvements fast; early customers shape the roadmap

**Who Migratrix is built for:**

*Startups and small teams:* The guardrails that used to require a full-time DBA, available from day one. Migrate confidently without an ops specialist. Free tier for teams up to 5 users.

*Scale-ups and growth teams:* Enforce consistent workflows across squads. No shadow deployments, undocumented hotfixes, or Friday-afternoon surprises reaching production. Multi-team approval workflows and environment promotion chains.

*Enterprises and regulated industries:* Immutable audit logs, RBAC, environment isolation, SSO/SAML, and compliance-ready exports. Meets the change management requirements for SOC 2, HIPAA, and internal governance programs without slowing down your engineers.

---

## Roadmap

### Already Live

**Database engine support:** MySQL, MariaDB, PostgreSQL, SQL Server, SQLite, Oracle (early), ClickHouse — metadata discovery, schema diffing, and migration workflows.

**Real-time migrations:** Execute scripts with live streaming logs, statement-by-statement status, rollback generation, and recovery for interrupted runs.

**Database Explorer:** Safe CRUD with environment-aware RBAC, inline SQL editor, column masking, AI Query Generator, and full audit trails.

**Cross-database data transfers:** Same-engine and cross-engine data movement with batching, retries, scheduling, and conflict repair.

**Schema comparison and diff:** Compare tables, views, indexes, stored procedures, and functions; generate synchronization scripts automatically.

**Granular environment permissions:** Fine-grained access control per environment and role — Admin, Editor, Viewer applied independently per environment.

**AI SQL generation:** Natural language → production-ready SQL with automatic risk scoring (Low → Critical) and inline warnings.

**GitOps integration:** Store migrations as SQL files in GitHub or GitLab; webhook sync on push; Create PR from UI; auto-execute on first environment.

**Workspace system:** Personal and organization workspaces with invite-based onboarding, user roles, and per-environment permission assignments.

**Agent installers:** Linux (systemd), macOS (Homebrew), Windows (service), Docker, Kubernetes — one command to deploy.

**Migration flow pipelines:** DEV → QA → PROD pipelines with multi-party approvals, auto-start policies, rollback scripts, and full status tracking.

**Streaming engine:** Binary WebSocket with Protobuf encoding for high-speed metadata streaming between agent and platform.

**Observability:** Real-time notifications, approval alerts, server metrics (CPU, memory, disk, network), Prometheus metrics export, analytics dashboard.

**Audit exports:** CSV/JSON audit log export; SIEM integration via webhooks.

**SSO/SAML:** IdP group → Migratrix role mapping with JIT provisioning (Scale plan).

---

### Coming Q3–Q4 2026

- **Snowflake support**: warehouses, stages, secure views, schema diff, controlled promotion workflows
- **Migration Pipelines v2**: pre and post scripts, branching support, test steps, stronger approval flows with conditional gates
- **Additional engines**: MongoDB (ETL/pipeline), Redis, Cassandra, DynamoDB, BigQuery, Redshift
- **Cloud auto-discovery**: automatic discovery of RDS, Aurora, and Cloud SQL instances
- **Advanced monitoring**: alerts for slow queries, lock storms, and failed promotions with PagerDuty/Slack routing

### 2027+ Vision

- **AI database assistant**: generate rollbacks, summarize changes, assess risk with full contextual understanding of your schema and application
- **Smart schema governance**: continuous drift detection with automatic policy-driven repair
- **Data orchestration**: higher-level flows for loading, syncing, and moving data across mixed engine estates
- **AI observability**: smarter alerting and automatic remediation for common operational issues

---

## FAQ

**How many flows can we have?**
Starter: 2 flows. Growth: 3 flows per workspace. Scale: unlimited. Each flow is a pipeline connecting one set of environments (e.g. DEV → QA → PROD for one product).

**Can we lock down PROD?**
Yes. Configure per-environment RBAC so PROD is read-only for most users, set multi-party approvals so at least 2 approvers must sign off before any migration can run, and enable audit logging for compliance. PROD can be completely locked to a named set of approvers.

**Which databases are supported?**
PostgreSQL 12+, MySQL 5.6+, MariaDB 10.0+, SQL Server 2012 SP4+, ClickHouse 20.3+, SQLite 3.7+, and Oracle 12c+ (Oracle 11g with limited support). More engines on the roadmap — contact us if yours is missing.

**Do you offer rollback scripts?**
Growth and Scale plans auto-generate down scripts for every migration. If you include a `-- DOWN` block in your SQL file, Migratrix uses it. If you don't, Migratrix generates one automatically. A bad deploy becomes a one-click fix.

**Is there a free trial?**
Yes — a free tier for teams up to 5 users with no credit card required. Explore the platform, connect real databases, and run real migrations before committing.

**How are users billed?**
Starter and Growth are flat monthly fees per workspace. Scale is a custom agreement — contact sales@migratrix.com for volume pricing and annual options.

**Does Migratrix store our database data?**
No. Migratrix operates on a strict zero data-retention principle. We store only operational metadata (migration SQL definitions, audit logs, configuration schemas). Your database data and credentials are stored exclusively on your self-hosted agent machine, encrypted with AES-GCM AES-256. Migratrix servers never have access to raw production data or credentials.

**What is the on-prem agent and do we have to manage it?**
The agent is a small binary (or Docker container) that runs inside your network, establishes outbound-only TLS connections to Migratrix, and executes SQL against your databases on instruction. No inbound firewall rules. No VPN. Deploy it as a systemd service, Windows service, Docker container, or Kubernetes pod, and it manages itself — including automatic restart on failure.

**Can the agent run in Kubernetes?**
Yes. The agent runs as a standard Kubernetes Deployment or DaemonSet. It uses a persistent volume for encrypted credential storage. Works alongside Traefik, nginx, or any ingress controller.

**Does Migratrix support SSO?**
Yes, on the Scale plan. SAML-based SSO with IdP group → Migratrix role mapping and JIT provisioning for first-time users. SCIM for automated user provisioning and deprovisioning. MFA is supported via your identity provider on all plans.

**How do approvals work?**
Each environment in a flow can require approval before a migration runs. Configure the minimum number of approvers (e.g. 1 for QA, 2 for PROD). Users with approval permission receive a notification, review the migration and its risk assessment, and approve or reject. Only after the minimum approvals are met can execution proceed. Every approval decision is logged with timestamp and identity.

**Can we export audit logs to our SIEM?**
Yes. Audit logs can be exported as CSV or JSON, or streamed to your SIEM in real time via webhook integration. Every logged event includes the user identity, action, environment, timestamp, and SQL digest.

**What happens if a migration fails mid-execution?**
The migration moves to `Failed` state. The pre-generated rollback script is immediately available. You can run the rollback with one click, fix the issue in the migration script, and re-execute — all without manual database access.