Design and deploy an application using Gemini CLI

Use the Gemini Cloud Assist and Application Design Center Model Context Protocol (MCP) servers to design, deploy, and troubleshoot Google Cloud infrastructure directly in Gemini CLI.

Objectives

This tutorial helps you do the following:

  • Set up Gemini CLI to use Gemini Cloud Assist and App Design Center MCP servers.
  • Design and deploy Google Cloud infrastructure that is optimized to run your existing application code.
  • Analyze and troubleshoot technical issues.

Costs

In this document, you use the following billable components of Google Cloud:

  • App Design Center.
  • Google Cloud resources that you create as part of your application infrastructure.

To generate a cost estimate based on your projected usage, use the pricing calculator.

New Google Cloud users might be eligible for a free trial.

When you finish the tasks that are described in this document, you can avoid continued billing by deleting the resources that you created. For more information, see Clean up.

Before you begin

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

  2. Install the Google Cloud CLI.

  3. If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

  4. To initialize the gcloud CLI, run the following command: 

    gcloud init

  5. Create or select a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    • Create a Google Cloud project:

      gcloud projects create PROJECT_ID

      Replace PROJECT_ID with a name for the Google Cloud project you are creating.

    • Select the Google Cloud project that you created:

      gcloud config set project PROJECT_ID

      Replace PROJECT_ID with your Google Cloud project name.

  6. Verify that billing is enabled for your Google Cloud project.

  7. Install the Google Cloud CLI.

  8. If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.

  9. To initialize the gcloud CLI, run the following command: 

    gcloud init

  10. Create or select a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    • Create a Google Cloud project:

      gcloud projects create PROJECT_ID

      Replace PROJECT_ID with a name for the Google Cloud project you are creating.

    • Select the Google Cloud project that you created:

      gcloud config set project PROJECT_ID

      Replace PROJECT_ID with your Google Cloud project name.

  11. Verify that billing is enabled for your Google Cloud project.

  12. To access Gemini Cloud Assist through MCP, you must be in the Trusted Tester program. Reach out to your account team to request access.
  13. Install Gemini CLI.
  14. Make sure you have the App Design Center Admin (roles/designcenter.admin) role in your project.
  15. Make sure you have a role that includes the mcp.googleapis.com/tools.call permission, such as one of the following Gemini Cloud Assist roles:
    • Gemini Cloud Assist Admin (roles/geminicloudassist.admin).
    • Gemini Cloud Assist Editor (roles/geminicloudassist.editor).
    • Gemini Cloud Assist User (roles/geminicloudassist.user).

Prepare the environment

To prepare your environment, authenticate to Google Cloud and enable required services.

Authenticate to Google Cloud

Authenticate to Google Cloud by running the following command in your terminal:

  1. Set up Application Default Credentials to let the MCP servers make API calls.

     gcloud auth application-default login

Enable APIs

Enable the Gemini Cloud Assist and Application Design Center services in your project.

  1. Enable the Gemini Cloud Assist service in your project:

     gcloud services enable geminicloudassist.googleapis.com

  2. Enable the App Design Center service in your project:

     gcloud services enable designcenter.googleapis.com

Configure the MCP servers

The Gemini Cloud Assist and App Design Center MCP servers help you design, assess, deploy, and troubleshoot Google Cloud infrastructure using natural language prompts. To connect to the MCP servers, configure your Gemini CLI settings.

To configure Gemini CLI to use MCP servers, do the following:

  1. Open your Gemini CLI configuration file in one of the following locations:

    • User scope: To apply settings across all of your Gemini CLI projects, open ~/.gemini/settings.json.
    • Workspace scope: To apply settings for a specific Gemini CLI project, open .gemini/settings.json.

    If your configuration file doesn't exist, create a new file.

  2. In settings.json, add or merge the following configuration block under the mcpServers key.

      {
    "mcpServers": {
      "gemini-cloud-assist": {
        "httpUrl": "https://geminicloudassist.googleapis.com/mcp",
        "authProviderType": "google_credentials",
        "oauth": {
          "scopes": ["https://www.googleapis.com/auth/cloud-platform"]
        },
        "timeout": 600000
      },
      "application-design-center": {
        "httpUrl": "https://designcenter.googleapis.com/mcp",
        "authProviderType": "google_credentials",
        "oauth": {
          "scopes": ["https://www.googleapis.com/auth/cloud-platform"]
        },
        "timeout": 600000
      }
    }
  }

    This configuration automatically uses your Application Default Credentials.

  3. Save and close your configuration file.

  4. Start Gemini CLI.

    gemini

  5. Verify that the MCP servers are connected.

    /mcp list

Install SKILL.md files

SKILL.md files provide the App Design Center and Gemini Cloud Assist MCP servers instructions and workflows for infrastructure design, deployment, and troubleshooting.

To add SKILL.md files to Gemini CLI, do the following.

  1. Create a skills/design-and-deploy directory in one of the following locations:

    • User scope: To apply settings across all of your Gemini CLI projects, create ~/.gemini/skills/design-and-deploy/.
    • Workspace scope: To apply settings for a specific Gemini CLI project, create .gemini/skills/design-and-deploy/.

  2. In the skills/design-and-deploy/ directory, create a SKILL.md file using the content from designing-and-deploying-infrastructure.

  3. Create a skills/google-gemini-cloud-assist directory in one of the following locations:

    • User scope: To apply settings across all of your Gemini CLI projects, create ~/.gemini/skills/google-gemini-cloud-assist/.
    • Workspace scope: To apply settings for a specific Gemini CLI project, create .gemini/skills/google-gemini-cloud-assist/.

  4. In the skills/google-gemini-cloud-assist/ directory, create a SKILL.md file using the content from operating-google-cloud.

  5. Exit and restart Gemini CLI.

    /quit

    When you start Gemini CLI again, it automatically discovers your skill file.

  6. Verify that the skill file was automatically discovered.

    /skills list

You successfully configured Gemini CLI to connect to the App Design Center and Gemini Cloud Assist MCP servers and created skill files.

Design your Google Cloud infrastructure

Design infrastructure tailored to store and execute your application code.

  1. Set the project that you want to use:

    gcloud config set project PROJECT_ID

  2. Ask for the Google Cloud infrastructure design.

     My application code is in REPOSITORY_URL. Design the Google Cloud infrastructure required for my application.

    The agent asks to activate the skills you configured. The agent creates an infrastructure design plan and asks for your approval.

  3. Approve the plan.

    Continue with the plan.

    The agent identifies tools to use to create the infrastructure, The agent asks to use the setup_adc tool, which sets up App Design Center in your project.

  4. Allow Gemini Cloud Assist to use the proposed tools.

    The agent proposes a design and asks if you're ready to deploy.

  5. Iterate on the proposed design.

    The infrastructure looks good, but I want to add a cache for frequently accessed data.

    The agent updates the design to integrate your requirement. The agent asks if you want an explanation of the changes, or if you want to test the changes.

You created your initial infrastructure design, and iterated to improve the design.

Assess compliance with security standards

Administrators in your organization have likely configured specific security frameworks that inform infrastructure design and deployment. In this section, verify that your design is compliant with configured security standards.

  1. Make sure that the infrastructure design is compliant with your organization's security standards.

    I want to make sure that infrastructure design is compliant with my organization's security standards.

    The agent analyzes the infrastructure design based on the security frameworks your organization's administrator has specified in Security Command Center. If the audit finds compliance issues, the agent suggest security enhancements and asks for your approval.

  2. Apply the recommended security enhancements

    Apply the recommended security enhancements.

    The agent applies the changes and asks if you're ready to approve the design.

Your infrastructure design is compliant with your organization's security frameworks.

Deploy the infrastructure design

Deploy the infrastructure design to Google Cloud.

  1. Approve the design and deploy.

    Deploy the infrastructure design to my Google Cloud project.

    The agent deploys the final design to your Google Cloud project. The agent asks you to approve changes to your project. For example, you might need to enable an API.

    If the application successfully deploys, The agent displays deployment details, architecture components, and steps to use the application.

  2. If your deployment fails, get help with troubleshooting. For example, you might need to fix component configuration details or Identity and Access Management (IAM) permissions.

    Fix the component configuration errors.

    The agent provides recommendations for component configurations and creates a diff view for you to review and accept.

  3. To try the deployment again after you make changes, repeat the steps in this section.

You deployed your application code and the infrastructure design to Google Cloud.

Clean up

To avoid incurring charges to your Google Cloud account for the resources used in this tutorial, either delete the project that contains the resources, or keep the project and delete the individual resources.

    Delete a Google Cloud project:

    gcloud projects delete PROJECT_ID

What's next