Skip to main content
Glama
enesjakozh
krzko

Google Cloud MCP Server

by krzko
OverviewInspectSchemaRelated ServersScoreDiscussions
TypeScript
Remote

gcp-iam-list-deployment-services

List Google Cloud Platform services that have predefined deployment permission sets to manage access control for deployment tasks.

Instructions

List all GCP services with pre-defined deployment permission sets

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault

No arguments

Implementation Reference

  • src/services/iam/tools.ts:417-466 (handler)
    Inline handler function that lists all GCP deployment services with their permission sets. It formats a detailed markdown response including service keys, descriptions, permission counts, and usage examples. Uses getAllDeploymentPermissionSets() helper.
    async () => { try { const permissionSets = getAllDeploymentPermissionSets(); let result = `# Available Deployment Services\n\n`; result += `The following GCP services have pre-defined permission sets for deployment validation:\n\n`; permissionSets.forEach((set) => { // Get the service key from the original keys const serviceKey = Object.keys(DEPLOYMENT_PERMISSION_SETS).find( (key) => DEPLOYMENT_PERMISSION_SETS[key] === set, ) || set.service.toLowerCase().replace(/\s+/g, "-"); result += `## ${set.service}\n\n`; result += `**Service Key:** \`${serviceKey}\`\n`; result += `**Description:** ${set.description}\n`; result += `**Required Permissions:** ${set.requiredPermissions.length}\n`; result += `**Optional Permissions:** ${set.optionalPermissions?.length || 0}\n\n`; }); result += `## Usage\n\n`; result += `Use the \`validate-deployment-permissions\` tool with the service key to check your permissions for deploying to any of these services.\n\n`; result += `**Example:** \`validate-deployment-permissions\` with service="cloud-run"\n`; return { content: [ { type: "text", text: result, }, ], }; } catch (error: unknown) { const errorMessage = error instanceof Error ? error.message : "Unknown error"; logger.error(`Error listing deployment services: ${errorMessage}`); return { content: [ { type: "text", text: `# Error Listing Deployment Services\n\nFailed to list deployment services: ${errorMessage}`, }, ], isError: true, }; } }, );
  • src/services/iam/tools.ts:410-466 (registration)
    Registration of the 'gcp-iam-list-deployment-services' tool via server.registerTool call within registerIamTools function. Includes title, description, empty input schema, and inline handler.
    "gcp-iam-list-deployment-services", { title: "List Available Deployment Services", description: "List all GCP services with pre-defined deployment permission sets", inputSchema: {}, }, async () => { try { const permissionSets = getAllDeploymentPermissionSets(); let result = `# Available Deployment Services\n\n`; result += `The following GCP services have pre-defined permission sets for deployment validation:\n\n`; permissionSets.forEach((set) => { // Get the service key from the original keys const serviceKey = Object.keys(DEPLOYMENT_PERMISSION_SETS).find( (key) => DEPLOYMENT_PERMISSION_SETS[key] === set, ) || set.service.toLowerCase().replace(/\s+/g, "-"); result += `## ${set.service}\n\n`; result += `**Service Key:** \`${serviceKey}\`\n`; result += `**Description:** ${set.description}\n`; result += `**Required Permissions:** ${set.requiredPermissions.length}\n`; result += `**Optional Permissions:** ${set.optionalPermissions?.length || 0}\n\n`; }); result += `## Usage\n\n`; result += `Use the \`validate-deployment-permissions\` tool with the service key to check your permissions for deploying to any of these services.\n\n`; result += `**Example:** \`validate-deployment-permissions\` with service="cloud-run"\n`; return { content: [ { type: "text", text: result, }, ], }; } catch (error: unknown) { const errorMessage = error instanceof Error ? error.message : "Unknown error"; logger.error(`Error listing deployment services: ${errorMessage}`); return { content: [ { type: "text", text: `# Error Listing Deployment Services\n\nFailed to list deployment services: ${errorMessage}`, }, ], isError: true, }; } }, );
  • src/services/iam/types.ts:409-411 (helper)
    Helper function called by the tool handler to retrieve all DeploymentPermissionSet objects from the DEPLOYMENT_PERMISSION_SETS constant.
    export function getAllDeploymentPermissionSets(): DeploymentPermissionSet[] { return Object.values(DEPLOYMENT_PERMISSION_SETS); }
  • src/services/iam/types.ts:231-395 (helper)
    Constant data structure defining permission sets for multiple GCP services (Cloud Run, GKE, Compute Engine, etc.). Each entry includes service details, required/optional permissions, and common resources. Used by getAllDeploymentPermissionSets().
    export const DEPLOYMENT_PERMISSION_SETS: Record< string, DeploymentPermissionSet > = { "cloud-run": { service: "Cloud Run", description: "Deploy and manage Cloud Run services", requiredPermissions: [ "run.services.create", "run.services.update", "run.services.get", "run.services.list", "run.services.delete", "run.revisions.get", "run.revisions.list", "iam.serviceAccounts.actAs", ], optionalPermissions: [ "run.services.setIamPolicy", "run.services.getIamPolicy", "cloudsql.instances.connect", "secretmanager.versions.access", ], commonResources: [ "projects/{project}/locations/{location}/services/{service}", ], }, gke: { service: "Google Kubernetes Engine", description: "Deploy and manage GKE clusters and workloads", requiredPermissions: [ "container.clusters.create", "container.clusters.update", "container.clusters.get", "container.clusters.list", "container.clusters.delete", "container.operations.get", "container.operations.list", "compute.instances.get", "compute.instances.list", "iam.serviceAccounts.actAs", ], optionalPermissions: [ "container.clusters.getCredentials", "compute.networks.get", "compute.subnetworks.get", "logging.logEntries.create", "monitoring.metricDescriptors.create", ], commonResources: [ "projects/{project}/locations/{location}/clusters/{cluster}", ], }, "compute-engine": { service: "Compute Engine", description: "Deploy and manage Compute Engine instances", requiredPermissions: [ "compute.instances.create", "compute.instances.delete", "compute.instances.get", "compute.instances.list", "compute.instances.start", "compute.instances.stop", "compute.disks.create", "compute.disks.use", "compute.networks.use", "compute.subnetworks.use", "iam.serviceAccounts.actAs", ], optionalPermissions: [ "compute.instances.setMetadata", "compute.instances.setTags", "compute.firewalls.create", "compute.addresses.create", ], commonResources: ["projects/{project}/zones/{zone}/instances/{instance}"], }, "cloud-functions": { service: "Cloud Functions", description: "Deploy and manage Cloud Functions", requiredPermissions: [ "cloudfunctions.functions.create", "cloudfunctions.functions.update", "cloudfunctions.functions.get", "cloudfunctions.functions.list", "cloudfunctions.functions.delete", "cloudfunctions.operations.get", "iam.serviceAccounts.actAs", ], optionalPermissions: [ "cloudfunctions.functions.setIamPolicy", "cloudfunctions.functions.getIamPolicy", "storage.buckets.get", "storage.objects.create", ], commonResources: [ "projects/{project}/locations/{location}/functions/{function}", ], }, "app-engine": { service: "App Engine", description: "Deploy and manage App Engine applications", requiredPermissions: [ "appengine.applications.create", "appengine.applications.update", "appengine.applications.get", "appengine.versions.create", "appengine.versions.update", "appengine.versions.get", "appengine.versions.list", "appengine.services.get", "appengine.services.list", ], optionalPermissions: [ "appengine.versions.delete", "appengine.instances.get", "appengine.instances.list", "storage.buckets.get", "storage.objects.create", ], commonResources: [ "projects/{project}/services/{service}/versions/{version}", ], }, "cloud-storage": { service: "Cloud Storage", description: "Manage Cloud Storage buckets and objects", requiredPermissions: [ "storage.buckets.create", "storage.buckets.get", "storage.buckets.list", "storage.objects.create", "storage.objects.get", "storage.objects.list", ], optionalPermissions: [ "storage.buckets.delete", "storage.objects.delete", "storage.buckets.setIamPolicy", "storage.buckets.getIamPolicy", ], commonResources: ["projects/{project}/buckets/{bucket}"], }, "cloud-sql": { service: "Cloud SQL", description: "Deploy and manage Cloud SQL instances", requiredPermissions: [ "cloudsql.instances.create", "cloudsql.instances.update", "cloudsql.instances.get", "cloudsql.instances.list", "cloudsql.instances.connect", "cloudsql.databases.create", "cloudsql.databases.get", "cloudsql.databases.list", ], optionalPermissions: [ "cloudsql.instances.delete", "cloudsql.users.create", "cloudsql.users.list", "cloudsql.backupRuns.create", ], commonResources: ["projects/{project}/instances/{instance}"], }, };
  • src/index.ts:202-202 (registration)
    Invocation of registerIamTools(server) in the main server startup, which triggers registration of IAM tools including 'gcp-iam-list-deployment-services'.
    registerIamTools(server);

This server cannot be installed

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/krzko/google-cloud-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server