This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of theService Specific Terms, and theAdditional Terms for Generative AI Preview Products. Pre-GA features are available "as is" and might have limited support. For more information, see thelaunch stage descriptions.

Model Context Protocol(MCP) standardizes the way large language models (LLMs) and AI applications oragents connect to outside data sources. MCP servers let you use their tools,resources, and prompts to take actions and get updated data from their backendservice.

Local MCP servers typically run on your local machine and use the standard inputand output streams (stdio) for communication between services on the samedevice. Remote MCP servers run on the service's infrastructure and offer an HTTPendpoint to AI applications for communication between the AI MCP client and theMCP server. For more information on MCP architecture, seeMCP architecture.

This document describes how to use the GKEremote Model Context Protocol (MCP) server to connect toGKE from AI applications such asGemini CLI, agent mode in Gemini Code Assist, ClaudeCode, or in AI applications you're developing.

For information on the GKE local MCP server, seeGKE MCP server on GitHub.

Google and Google Cloud remote MCP servers have the followingfeatures and benefits:

• Simplified, centralized discovery.
• Managed global or regional HTTP endpoints.
• Fine-grained authorization.
• Optional prompt and response security withModel Armor protection.
• Centralized audit logging.

For information about other MCP servers and information about securityand governance controls available for Google Cloud MCP servers,seeGoogle Cloud MCP servers overview.

You might want to use the GKE local MCP serverfor the following reasons:

• Local development and testing
• Offline MCP use
• Cluster and workload creation, including manifest generation for AI/ML workloads
• Local client configuration (usingkubeconfig)
• Query logs
• Get cost and security recommendations for your GKE environment

For more information about how to use our local MCP server, seeGKE MCP server. Thefollowing sections only apply to the GKEremote MCP server.

Before you begin

Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
Install the Google Cloud CLI.
Note: If you installed the gcloud CLI previously, make sure you have the latest version by runninggcloud components update.
If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
Toinitialize the gcloud CLI, run the following command:
gcloudinit
Create or select a Google Cloud project.
Roles required to select or create a project
• Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
• Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.create permission.Learn how to grant roles.
Note: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.
• Create a Google Cloud project:

  gcloud projects createPROJECT_ID

  ReplacePROJECT_ID with a name for the Google Cloud project you are creating.

• Select the Google Cloud project that you created:

  gcloud config set projectPROJECT_ID

  ReplacePROJECT_ID with your Google Cloud project name.
Verify that billing is enabled for your Google Cloud project.
Enable the Kubernetes Engine API:
Roles required to enable APIs
To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enable permission.Learn how to grant roles.
gcloudservicesenablecontainer.googleapis.com
Grant roles to your user account. Run the following command once for each of the following IAM roles:roles/container.clusterViewer
gcloudprojectsadd-iam-policy-bindingPROJECT_ID--member="user:USER_IDENTIFIER"--role=ROLE
Replace the following:
• PROJECT_ID: Your project ID.
• USER_IDENTIFIER: The identifier for your user account. For example,myemail@example.com.
• ROLE: The IAM role that you grant to your user account.

Install the Google Cloud CLI.

Note: If you installed the gcloud CLI previously, make sure you have the latest version by runninggcloud components update.

If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

Toinitialize the gcloud CLI, run the following command:

gcloudinit

Create or select a Google Cloud project.

Roles required to select or create a project

• Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
• Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.create permission.Learn how to grant roles.

Note: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.

• Create a Google Cloud project:

  gcloud projects createPROJECT_ID

  ReplacePROJECT_ID with a name for the Google Cloud project you are creating.

• Select the Google Cloud project that you created:

  gcloud config set projectPROJECT_ID

  ReplacePROJECT_ID with your Google Cloud project name.

Verify that billing is enabled for your Google Cloud project.

Enable the Kubernetes Engine API:

Roles required to enable APIs

To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enable permission.Learn how to grant roles.

gcloudservicesenablecontainer.googleapis.com

Grant roles to your user account. Run the following command once for each of the following IAM roles:roles/container.clusterViewer

gcloudprojectsadd-iam-policy-bindingPROJECT_ID--member="user:USER_IDENTIFIER"--role=ROLE

Replace the following:

• PROJECT_ID: Your project ID.
• USER_IDENTIFIER: The identifier for your user account. For example,myemail@example.com.
• ROLE: The IAM role that you grant to your user account.

Required roles

To perform the one-time setup of enabling the GKE remote MCP server,an administrator needs the following roles:

• Organization Policy Administrator (roles/orgpolicy.policyAdmin): Grantthis role on your Google Cloud organization to allow the creation of customorganization policies.
• Service Usage Admin (roles/serviceusage.serviceUsageAdmin): Grant thisrole on your Google Cloud project to allow enabling the remote MCP service endpoint.This role includes theserviceusage.mcppolicy.get andserviceusage.mcppolicy.updatepermissions.

For more information about granting roles, seeManage access to projects, folders, and organizations.

Roles for using the service

The principal that makes calls to the remote MCP server tools needs permissions toaccess GKE resources. This principal can be a human user or anautomated service account. At a minimum, grant the following role on yourGoogle Cloud project:

• MCP Tool User (roles/mcp.toolUser):Grants permission to make tool calls to the MCP server endpoint.
• Kubernetes Engine Cluster Viewer (roles/container.clusterViewer): This role provides the read-only accessneeded for the remote server's tools.

Grant this role to:

• Auser account when a person is interacting with the MCP server through a client like the Gemini CLI.
• Aservice account when building an autonomous agent or application that calls the MCP server.

Enable or disable the GKE remote MCP server

You can enable or disable the GKE remote MCP serverin a project with thegcloud beta services mcp enable command. For moreinformation, see the following sections.

Enable the GKE remote MCP server in a project

If you are using different projects for your client credentials, such as serviceaccount keys, OAuth client ID or API keys, and for hosting your resources, thenyou must enable the GKE service and theGKE remote MCP server on both projects.

To enable the GKE remote MCP server in yourGoogle Cloud project, run the following command:

gcloudbetaservicesmcpenablecontainer.googleapis.com\--project=PROJECT_ID

ReplacePROJECT_ID with the Google Cloud project ID.

The GKE remote MCP server is enabled for use in your Google Cloud Project. If theGKE service isn't enabled for yourGoogle Cloud project, you are prompted to enablethe service before enabling the GKE remote MCPserver.

As a security best practice, we recommend that you enable MCP servers only forthe services required for your AI application to function.

Disable the GKE remote MCP server in a project

To disable the GKE remote MCP server in yourGoogle Cloud project, run the following command:

gcloudbetaservicesmcpdisableSERVICE\--project=PROJECT_ID

The GKE remote MCP server is disabled for use inyour Google Cloud Project.

Authentication and authorization

GKE remote MCP servers use theOAuth 2.0protocol withIdentity and Access Management (IAM)for authentication and authorization. AllGoogle Cloud identitiesare supported for authentication to MCP servers.

The GKE remote MCP server does not accept API keys for authentication.

We recommend creating a separate identity for agents using MCP tools so thataccess to resources can be controlled and monitored. For more information onauthentication, seeAuthenticate to MCP servers.

GKE remote MCP OAuth scopes

OAuth 2.0 uses scopes and credentials to determine if an authenticatedprincipal is authorized to take a specific action on a resource. For moreinformation about OAuth 2.0 scopes at Google, readUsing OAuth 2.0 to access Google APIs.

GKE has the following MCP tool OAuth scopes:

Additional scopes might be required on the resources accessed during a toolcall. To view a list of scopes required forGKE, seeGKE API.

Configure an MCP client to use the GKE MCP server

Host programs, such as Claude or Gemini CLI, can instantiate MCP clients thatconnect to a single MCP server. A host program can have multiple clients thatconnect to different MCP servers. To connect to a remote MCP server, the MCPclient must know at a minimum the URL of the remote MCP server.

In your host, look for a way to connect to a remote MCP server. You are promptedto enter details about the server, such as its name and URL.

For the GKE remote MCP server, enter the following asrequired:

• Server name: GKE remote MCP server
• Server URL orEndpoint: https://container.googleapis.com/mcp
• Transport: HTTP
• Authentication details: Depending on how you want to authenticate, you canenter your Google Cloud credentials, your OAuth Client IDand secret, or an agent identity and credentials. For more information onauthentication, seeAuthenticate to MCP servers.

For host specific guidance, see the following:

• Claude support: Getting started with custom connectors using remote MCP
• Gemini CLI MCP server setup

For more general guidance, seeConnect to remote MCP servers.

Available tools

MCP Tools that are read-only havethe MCP attributemcp.tool.isReadOnly set totrue. You might want to onlyallow read-only tools in certain environments through yourorganization policy.

To view details of available MCP tools and their descriptions for theGKE MCP server, see theGKE MCP reference.

List tools

Use theMCP inspector to list tools, or send atools/list HTTP request directly to the GKEremote MCP server. Thetools/list method doesn't require authentication.

POST /mcp HTTP/1.1Host: container.googleapis.comContent-Type: application/json{  "jsonrpc": "2.0",  "method": "tools/list",}

Sample use cases

The following are sample use cases for the GKE remoteMCP server:

• Inspect the configuration and status of your GKE clusters and node pools. For example, use the prompt:"Show me the details of my 'production-cluster' and list all of its node pools."
• View Kubernetes resource configurations and container logs from within a cluster without using kubectl. For example, use the prompt:"Get the YAML for the 'frontend-deployment' in the 'default' namespace."
• Monitor the status of long-running GKE operations, such as cluster upgrades. For example, use the prompt:"List all the GKE operations in my project from the last hour."

Optional security and safety configurations

MCP introduces new security risks and considerations due to the wide variety ofactions that can be taken with MCP tools. To minimize and manage these risks,Google Cloud offers defaults and customizable policies tocontrol the use of MCP tools in your Google Cloudorganization or project.

For more information about MCP security and governance, seeAI security and safety.

Model Armor

Model Armor is aGoogle Cloud service designed to enhance the security andsafety of your AI applications. It works by proactively screening LLM promptsand responses, protecting against various risks and supporting responsible AIpractices. Whether you are deploying AI in your cloud environment, or onexternal cloud providers, Model Armor can helpyou prevent malicious input, verify content safety, protect sensitive data,maintain compliance, and enforce your AI safety and security policiesconsistently across your diverse AI landscape.

Model Armor is only available inspecific regional locations. If Model Armor isenabled for a project, and a call to that project comes from an unsupportedregion, Model Armor makes a cross-regional call.For more information, seeModel Armor locations.

Enable Model Armor

To enable Model Armor, complete the followingsteps:

1. To enable Model Armor on yourGoogle Cloud project, run the followinggcloud CLI command:

   gcloudservicesenablemodelarmor.googleapis.com\--project=PROJECT_ID

   ReplacePROJECT_ID with yourGoogle Cloud project ID.

2. To configure the recommendedfloor settings for Model Armor,run the following gcloud CLI command:

   gcloudmodel-armorfloorsettingsupdate\--full-uri='projects/PROJECT_ID/locations/global/floorSetting'\--mcp-sanitization=ENABLED\--malicious-uri-filter-settings-enforcement=ENABLED

   ReplacePROJECT_ID with yourGoogle Cloud project ID.

   Model Armor is configured to scan formalicious URLs attempts.

   For moreinformation about configurable Model Armorfilters, seeModel Armor filters.

3. To add Model Armor as a content securityprovider for MCP services, run the followinggcloud CLI command:

   gcloudbetaservicesmcpcontent-securityaddmodelarmor.googleapis.com\--project=PROJECT_ID

   ReplacePROJECT_ID with theGoogle Cloud project ID.

4. To confirm that MCP traffic is sent toModel Armor, run the following command:

   gcloudbetaservicesmcpcontent-securityget\--project=PROJECT_ID

   ReplacePROJECT_ID with theGoogle Cloud project ID.

Model Armor logging

For information about Model Armor audit andplatform logs, seeModel Armor audit logging.

Disable Model Armor in a project

To disable Model Amor on a Google Cloud project, run thefollowing command:

gcloudbetaservicesmcpcontent-securityremovemodelarmor.googleapis.com\--project=PROJECT_ID

ReplacePROJECT_ID with theGoogle Cloud project ID.

MCP traffic on Google Cloud won't be scanned byModel Armor for the specified project.

Disable scanning MCP traffic with Model Armor

If you still want to use Model Armor in aproject, but you want to stop scanning MCP traffic withModel Armor, then run the following command:

gcloudmodel-armorfloorsettingsupdate\--full-uri='projects/PROJECT_ID/locations/global/floorSetting'\--mcp-sanitization=DISABLED

ReplacePROJECT_ID with theGoogle Cloud project ID.

Model Armor won't scan MCP traffic onGoogle Cloud.

Organization level MCP control

You can create custom organization policies to control the use of MCP serversin your Google Cloud organization using thegcp.managed.allowedMCPService constraint. For more information andusage examples, seeGoogle Cloud MCP servers Access control with IAM.

What's next

• Read theGKE remote MCP reference documentation.
• Learn more aboutGoogle Cloud MCP servers.