MCP Tools Reference: managedkafka

Tool: `get_acl`

Get the details of an existing Google Cloud Managed Service for Apache Kafka ACL. Please provide the Project ID, Location, Cluster ID, and ACL ID.

The following sample demonstrate how to use curl to invoke the get_acl MCP tool.

Curl Request
curl --location 'https://managedkafka.googleapis.com/mcp' \ --header 'content-type: application/json' \ --header 'accept: application/json, text/event-stream' \ --data '{ "method": "tools/call", "params": { "name": "get_acl", "arguments": { // provide these details according to the tool's MCP specification } }, "jsonrpc": "2.0", "id": 1 }'

Curl Request

                  
curl --location 'https://managedkafka.googleapis.com/mcp' \
--header 'content-type: application/json' \
--header 'accept: application/json, text/event-stream' \
--data '{
  "method": "tools/call",
  "params": {
    "name": "get_acl",
    "arguments": {
      // provide these details according to the tool's MCP specification
    }
  },
  "jsonrpc": "2.0",
  "id": 1
}'

Input Schema

Request for GetAcl.

GetAclRequest

JSON representation
{ "name": string }

Fields

Fields
`name`	`string` Required. The name of the acl to return. Structured like: `projects/{project}/locations/{location}/clusters/{cluster}/acls/{acl_id}`. The structure of `acl_id` defines the Resource Pattern (resource_type, resource_name, pattern_type) of the acl. See `Acl.name` for details.

name

string

Required. The name of the acl to return. Structured like: projects/{project}/locations/{location}/clusters/{cluster}/acls/{acl_id}.

The structure of acl_id defines the Resource Pattern (resource_type, resource_name, pattern_type) of the acl. See Acl.name for details.

Output Schema

Represents the set of ACLs for a given Kafka Resource Pattern, which consists of resource_type, resource_name and pattern_type.

Acl

JSON representation
{ "name": string, "aclEntries": [ { object (`AclEntry`) } ], "etag": string, "resourceType": string, "resourceName": string, "patternType": string }

Fields
`name`	`string` Identifier. The name for the acl. Represents a single Resource Pattern. Structured like: projects/{project}/locations/{location}/clusters/{cluster}/acls/{acl_id} The structure of `acl_id` defines the Resource Pattern (resource_type, resource_name, pattern_type) of the acl. `acl_id` is structured like one of the following: For acls on the cluster: `cluster` For acls on a single resource within the cluster: `topic/{resource_name}` `consumerGroup/{resource_name}` `transactionalId/{resource_name}` For acls on all resources that match a prefix: `topicPrefixed/{resource_name}` `consumerGroupPrefixed/{resource_name}` `transactionalIdPrefixed/{resource_name}` For acls on all resources of a given type (i.e. the wildcard literal ""): `allTopics` (represents `topic/`) `allConsumerGroups` (represents `consumerGroup/`) `allTransactionalIds` (represents `transactionalId/`)
`aclEntries[]`	`object (AclEntry)` Required. The ACL entries that apply to the resource pattern. The maximum number of allowed entries 100.
`etag`	`string` Optional. `etag` is used for concurrency control. An `etag` is returned in the response to `GetAcl` and `CreateAcl`. Callers are required to put that etag in the request to `UpdateAcl` to ensure that their change will be applied to the same version of the acl that exists in the Kafka Cluster. A terminal 'T' character in the etag indicates that the AclEntries were truncated; more entries for the Acl exist on the Kafka Cluster, but can't be returned in the Acl due to repeated field limits.
`resourceType`	`string` Output only. The ACL resource type derived from the name. One of: CLUSTER, TOPIC, GROUP, TRANSACTIONAL_ID.
`resourceName`	`string` Output only. The ACL resource name derived from the name. For cluster resource_type, this is always "kafka-cluster". Can be the wildcard literal "*".
`patternType`	`string` Output only. The ACL pattern type derived from the name. One of: LITERAL, PREFIXED.

AclEntry

JSON representation
{ "principal": string, "permissionType": string, "operation": string, "host": string }

Fields
`principal`	`string` Required. The principal. Specified as Google Cloud account, with the Kafka StandardAuthorizer prefix "User:". For example: "User:test-kafka-client@test-project.iam.gserviceaccount.com". Can be the wildcard "User:*" to refer to all users.
`permissionType`	`string` Required. The permission type. Accepted values are (case insensitive): ALLOW, DENY.
`operation`	`string` Required. The operation type. Allowed values are (case insensitive): ALL, READ, WRITE, CREATE, DELETE, ALTER, DESCRIBE, CLUSTER_ACTION, DESCRIBE_CONFIGS, ALTER_CONFIGS, and IDEMPOTENT_WRITE. See https://kafka.apache.org/documentation/#operations_resources_and_protocols for valid combinations of resource_type and operation for different Kafka API requests.
`host`	`string` Required. The host. Must be set to "*" for Managed Service for Apache Kafka.

Tool Annotations

Destructive Hint: ❌ | Idempotent Hint: ✅ | Read Only Hint: ✅ | Open World Hint: ❌

MCP Tools Reference: managedkafka Stay organized with collections Save and categorize content based on your preferences.

Tool: get_acl