MCP Tools Reference: managedkafka

Tool: `get_acl`

Get the details of an existing Google Cloud Managed Service for Apache Kafka ACL.

The following sample demonstrate how to use curl to invoke the get_acl MCP tool.

Curl Request
curl --location 'https://managedkafka.googleapis.com/mcp' \ --header 'content-type: application/json' \ --header 'accept: application/json, text/event-stream' \ --data '{ "method": "tools/call", "params": { "name": "get_acl", "arguments": { // provide these details according to the tool's MCP specification } }, "jsonrpc": "2.0", "id": 1 }'

Curl Request

                  
curl --location 'https://managedkafka.googleapis.com/mcp' \
--header 'content-type: application/json' \
--header 'accept: application/json, text/event-stream' \
--data '{
  "method": "tools/call",
  "params": {
    "name": "get_acl",
    "arguments": {
      // provide these details according to the tool's MCP specification
    }
  },
  "jsonrpc": "2.0",
  "id": 1
}'

Input Schema

Request message for GetAcl.

GetAclRequest

JSON representation
{ "parent": string, "resourceType": enum (`ResourceType`), "resourceName": string, "patternType": enum (`PatternType`) }

Fields
`parent`	`string` Required. The parent cluster in which to get the ACL. Format: projects/{project}/locations/{location}/clusters/{cluster_id}
`resourceType`	`enum (ResourceType)` Required. The resource type for the ACL.
`resourceName`	`string` Required. The resource name for the ACL.
`patternType`	`enum (PatternType)` Required. The pattern type for the ACL.

Output Schema

Represents the set of ACLs for a given Kafka Resource Pattern, which consists of resource_type, resource_name and pattern_type.

Acl

JSON representation
{ "name": string, "aclEntries": [ { object (`AclEntry`) } ], "etag": string, "resourceType": string, "resourceName": string, "patternType": string }

Fields
`name`	`string` Identifier. The name for the acl. Represents a single Resource Pattern. Structured like: projects/{project}/locations/{location}/clusters/{cluster}/acls/{acl_id} The structure of `acl_id` defines the Resource Pattern (resource_type, resource_name, pattern_type) of the acl. `acl_id` is structured like one of the following: For acls on the cluster: `cluster` For acls on a single resource within the cluster: `topic/{resource_name}` `consumerGroup/{resource_name}` `transactionalId/{resource_name}` For acls on all resources that match a prefix: `topicPrefixed/{resource_name}` `consumerGroupPrefixed/{resource_name}` `transactionalIdPrefixed/{resource_name}` For acls on all resources of a given type (i.e. the wildcard literal ""): `allTopics` (represents `topic/`) `allConsumerGroups` (represents `consumerGroup/`) `allTransactionalIds` (represents `transactionalId/`)
`aclEntries[]`	`object (AclEntry)` Required. The ACL entries that apply to the resource pattern. The maximum number of allowed entries 100.
`etag`	`string` Optional. `etag` is used for concurrency control. An `etag` is returned in the response to `GetAcl` and `CreateAcl`. Callers are required to put that etag in the request to `UpdateAcl` to ensure that their change will be applied to the same version of the acl that exists in the Kafka Cluster. A terminal 'T' character in the etag indicates that the AclEntries were truncated; more entries for the Acl exist on the Kafka Cluster, but can't be returned in the Acl due to repeated field limits.
`resourceType`	`string` Output only. The ACL resource type derived from the name. One of: CLUSTER, TOPIC, GROUP, TRANSACTIONAL_ID.
`resourceName`	`string` Output only. The ACL resource name derived from the name. For cluster resource_type, this is always "kafka-cluster". Can be the wildcard literal "*".
`patternType`	`string` Output only. The ACL pattern type derived from the name. One of: LITERAL, PREFIXED.

AclEntry

JSON representation
{ "principal": string, "permissionType": string, "operation": string, "host": string }

Fields
`principal`	`string` Required. The principal. Specified as Google Cloud account, with the Kafka StandardAuthorizer prefix "User:". For example: "User:test-kafka-client@test-project.iam.gserviceaccount.com". Can be the wildcard "User:*" to refer to all users.
`permissionType`	`string` Required. The permission type. Accepted values are (case insensitive): ALLOW, DENY.
`operation`	`string` Required. The operation type. Allowed values are (case insensitive): ALL, READ, WRITE, CREATE, DELETE, ALTER, DESCRIBE, CLUSTER_ACTION, DESCRIBE_CONFIGS, ALTER_CONFIGS, and IDEMPOTENT_WRITE. See https://kafka.apache.org/documentation/#operations_resources_and_protocols for valid combinations of resource_type and operation for different Kafka API requests.
`host`	`string` Required. The host. Must be set to "*" for Managed Service for Apache Kafka.

Tool Annotations

Destructive Hint: ❌ | Idempotent Hint: ✅ | Read Only Hint: ✅ | Open World Hint: ❌

MCP Tools Reference: managedkafka Stay organized with collections Save and categorize content based on your preferences.

Tool: get_acl