Google Cloud Storage MCP. Manage GCS data, permissions, and files from chat.
Gemini Works with every AI agent you already use
…and any MCP-compatible client
Just plug in your AI agents and start using Vinkius.
Google Cloud Storage MCP Server manages all your GCS buckets and objects directly through your AI agent. You can list buckets, check object metadata, upload files, and audit complex permissions (ACLs and IAM) without ever opening the GCP Console.
It’s your cloud storage administrator, giving you full control over data lifecycle management.
What your AI agents can do
Copy object
Copies a file object from one location to another within or between buckets.
Delete object
Permanently removes a specific file object from a bucket.
Get bucket iam
Retrieves the Identity and Access Management (IAM) policy for an entire bucket.
Retrieves a list of all buckets in the project and provides detailed metadata, including location and storage class.
Allows you to upload new files, copy existing objects between buckets, or delete objects from a specified bucket.
Gets specific details about a file (object), such as its size, creation date, or last modification time.
Checks the Access Control Lists (ACLs) and IAM policies governing access to an entire bucket.
Checks the granular permissions (ACLs) set on a single object file.
Checks the project's storage service account details or lists associated HMAC keys for cross-cloud integration.
Ask AI about this MCP
Supported MCP Clients
Gemini Waiting for input…
Google Cloud Storage MCP Server: 12 Tools for Cloud Ops
Use these 12 tools to list, read, write, and audit every aspect of your Google Cloud Storage project.
019d75a8copy object
Copies a file object from one location to another within or between buckets.
019d75a8delete object
Permanently removes a specific file object from a bucket.
019d75a8get bucket iam
Retrieves the Identity and Access Management (IAM) policy for an entire bucket.
019d75a8get bucket metadata
Gets basic information (metadata) about a specific bucket.
019d75a8get object metadata
Retrieves file-specific details like size, type, and modification date for a single object.
019d75a8get project service account
Checks the status and details of the project's storage service account.
019d75a8list bucket acl
Lists who has access to a bucket and what those permissions are.
019d75a8list buckets
Lists every bucket name in the entire Google Cloud project.
019d75a8list hmac keys
Retrieves a list of HMAC keys associated with the service account.
019d75a8list object acl
Checks the specific permissions set on a single object file.
019d75a8list objects
Lists all files and folders (objects) inside a specified bucket.
019d75a8upload object
Uploads a new file into a specified bucket.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Google Cloud Storage, then connect any of our 4,700+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 4,700+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
What you can do with this MCP connector
Google Cloud Storage MCP Server - Manage GCS Data
Your AI agent handles all your Google Cloud Storage buckets and objects. You can list buckets, check object metadata, upload files, and audit complex permissions (ACLs and IAM) without opening the GCP Console. It's your cloud storage admin, giving you full control over your data lifecycle.
List and Inspect Buckets
list_buckets: Lists every bucket in your project.get_bucket_metadata: Gets basic info about a specific bucket.get_object_metadata: Retrieves file details like size, type, and modification date.list_objects: Lists all files and folders in a bucket.copy_object: Copies a file object from one location to another, either within or between buckets.delete_object: Permanently removes a specific file object from a bucket.get_bucket_iam: Retrieves the Identity and Access Management (IAM) policy for a whole bucket.list_bucket_acl: Lists who has access to a bucket and what those permissions are.list_object_acl: Checks the specific permissions set on a single object file.
Manage Object Files
upload_object: Uploads a new file into a specified bucket.copy_object: Copies a file object from one location to another, either within or between buckets. *delete_object**: Permanently removes a specific file object from a bucket.
Audit Permissions and Credentials
list_bucket_acl: Lists all users and their access permissions for a bucket.list_object_acl: Checks the granular permissions set on a single object file. *get_bucket_iam: Retrieves the IAM policy that governs access to an entire bucket. *get_project_service_account**: Checks the project's storage service account status and details. *list_hmac_keys: Retrieves a list of HMAC keys associated with the service account, which you'll need for cross-cloud integration.
How It Works
Just connect your Google Cloud Storage project to your AI client. Your agent sends a request—like,
How Google Cloud Storage MCP Works
- 1 Subscribe to the server and provide your Google Cloud Project ID and OAuth credentials.
- 2 Complete the secure Google Cloud authorization flow.
- 3 Your AI client sends a request (e.g., 'List all buckets'). The server executes the necessary API call and returns the data to you.
The bottom line is, your AI agent handles all the complex Google Cloud API calls, so you just ask what you need in plain English.
Who Is Google Cloud Storage MCP For?
The ops engineer who's tired of clicking through dashboards at 2 a.m. to check a single log file. This is for security teams that need to audit permissions across dozens of buckets instantly. It's for data scientists who need to quickly verify file sizes or modification dates without manually navigating the console.
Uses the server to check if a specific build artifact or log file exists in a bucket without opening the GCP Console.
Audits bucket permissions and public access settings instantly by asking the agent to check the ACLs or IAM policies.
Browses large datasets and verifies file sizes or modification dates by querying the agent in natural language.
What Changes When You Connect
- You save time by checking object existence. Instead of opening the GCP Console to verify if a build artifact exists, simply ask your agent to run a targeted query, which uses tools like
list_objectsorget_object_metadata. - You enforce compliance easily. To check if a bucket is publicly exposed, you don't manually check settings; you prompt the agent to run
list_bucket_aclorget_bucket_iam, getting an immediate yes/no answer. - You manage data flow without UI headaches. Need to move a file? Use the
copy_objecttool orupload_objectto initiate the transfer, all from a single conversational prompt. - You audit security layers quickly. To verify permissions on a single sensitive file, you run
list_object_acl, skipping the complex navigation required in the native console. - You get visibility into the project setup. Use
list_project_service_accountto confirm the active service account credentials before running any data operations. - You reduce operational risk. By using the agent to handle operations, the complex JSON API calls are abstracted away, letting you focus on the outcome, not the syntax.
Real-World Use Cases
Compliance Check: Verifying Public Access
A security auditor needs to know if the 'user-uploads-data' bucket is public. They ask the agent to check the access. The agent runs list_bucket_acl and confirms public access is not granted, providing immediate proof for the audit log.
Data Migration: Moving a Build Artifact
A DevOps engineer needs to move a finished build from a 'temp-exports' bucket to the 'prod-assets' bucket. They prompt the agent, which runs copy_object, ensuring the file transfer happens and confirms the new location and name.
Debugging: Finding a Missing Log File
A data scientist is debugging an issue and needs a specific log file from the 'staging-logs-backup' bucket. They ask the agent to use list_objects with a prefix, instantly listing all relevant files and checking the metadata of the most recent one.
Preparation: Setting Up a New Data Source
A team lead needs to start using a new dataset. Instead of manually uploading, they prompt the agent to run upload_object, specifying the source and the target bucket, and the agent handles the data transfer and confirmation.
The Tradeoffs
Manual Console Navigation
Opening the GCP Console, clicking 'Buckets,' selecting the correct project, then navigating through multiple tabs (ACL, Metadata, Objects) just to check if a file exists.
→
Just ask your agent. Use list_objects or get_object_metadata in a single prompt. The agent handles the clicks and the data parsing for you.
Assuming Global Permissions
Thinking that because a user can see a bucket name, they automatically have the right to modify its content or audit its policies.
→
Always check permissions first. Run list_bucket_acl or get_bucket_iam before attempting any write or read operation. Never assume access.
Scripting Complex Iterations
Writing a multi-step script that loops through thousands of objects, calling get_object_metadata for each one, and risking timeouts or memory errors.
→
Let the agent handle the iteration. Use list_objects to define the scope, and then ask the agent to process the metadata for the resulting list. It manages the complex pagination internally.
When It Fits, When It Doesn't
Use this server if your core job involves querying, auditing, or moving data within Google Cloud Storage. You need to check if a file exists, confirm who can access it, or manage the object lifecycle. You must use this if you need to audit both ACLs (list_object_acl) and IAM policies (get_bucket_iam) in the same session.
Don't use this if your problem is outside of Google Cloud Storage—for example, managing records in a separate database or sending emails. For those, you need a dedicated messaging or database server. If you only need to view some metadata and not check permissions, get_object_metadata is sufficient, but if you need the full security picture, you must use list_bucket_acl.
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Google Cloud Storage. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
Cloud Hosted
Managed infra
V8 Isolated
Sandboxed per request
Zero-Trust Proxy
No stored credentials
DLP Enforced
Policy on every call
GDPR Compliant
EU data residency
Token Compression
~60% cost reduction
Works with Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 12 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Available Capabilities
Checking cloud file permissions shouldn't take a dozen clicks.
Today, checking a bucket's security status is a nightmare. You log into the GCP Console, find the bucket, then you have to click into the 'Permissions' tab. If you need to check the specific rules for a single object inside, you have to drill down again. It's a lot of tabs and clicking just to answer: 'Is this public?'
With the Google Cloud Storage MCP Server, you just ask your agent. You prompt, 'Show me the permissions for the staging bucket.' The agent runs the necessary API calls and gives you a clean, immediate summary of the ACLs and IAM policies. You get the answer without leaving the chat.
Google Cloud Storage MCP Server: Object and Bucket Ops
The manual steps that disappear are the initial navigation (finding the right bucket, opening the right tab) and the constant switching between the metadata view and the permissions view. You don't have to manually run a `list_objects` command and then write a separate script to check the ACLs for the results.
Your AI agent treats the entire storage system as one unified resource. It handles the complex sequence of listing, checking metadata, and auditing policies so you just get the final, actionable answer.
Common Questions About Google Cloud Storage MCP
How do I use the list_objects tool to find a specific file? +
You simply ask the agent to list objects within a bucket, optionally using a prefix (folder path). The agent runs list_objects and returns a list of file names and their current sizes.
Does the get_bucket_iam tool check public access? +
Yes, the get_bucket_iam tool checks the entire Identity and Access Management (IAM) policy for the bucket. It will show if 'allUsers' or 'allAuthenticatedUsers' have been granted public access.
What's the difference between list_bucket_acl and get_bucket_iam? +
These tools check different things. list_bucket_acl focuses on the Access Control Lists, while get_bucket_iam handles the broader Identity and Access Management policies for the bucket.
Can I delete an object using the delete_object tool? +
Yes. You instruct the agent to delete the object, specifying the bucket and the object name. The agent executes the deletion command, confirming the object is removed.
How do I upload a file using the upload_object tool? +
You prompt the agent with the file name and the target bucket. The agent then runs upload_object, handling the data transfer and confirming the upload was successful.
How do I check the permissions for a whole bucket using the list_bucket_acl tool? +
The list_bucket_acl tool shows every permission set on the bucket. It lists who has access (users or groups) and what actions they can perform (read, write, delete). This is useful for broad compliance checks.
What does the list_objects tool show me about the files inside a bucket? +
The list_objects tool returns a list of object names and their basic metadata. You can filter this list by prefixes (like folders) or sort by modification date. It doesn't show the actual content, just the file paths and structure.
Do I need to use the get_project_service_account tool to access my buckets? +
Yes, the get_project_service_account tool verifies the core service account used by the project. The AI agent uses this identity to make all API calls, so checking it confirms your connection permissions.
Can I upload large files directly through this server? +
The upload_object tool is designed for small to medium text-based content. For very large binary files or production datasets, it is recommended to use the gsutil CLI or the Google Cloud Console to ensure optimal transfer speeds and integrity.
How do I check if a bucket is publicly accessible? +
You can use the list_bucket_acl or get_bucket_iam tools. The AI agent will retrieve the permissions and can identify if roles like 'allUsers' or 'allAuthenticatedUsers' have been granted access.
Can I move files between different buckets? +
Yes! Use the copy_object tool to copy an object from a source bucket to a destination bucket. To 'move' it, you would typically copy the object first and then use delete_object on the source.
Use it with your favorite AI tools
Connect this server to Cursor, Claude, VS Code, and more.
More in this category
Volcengine Speech Synthesis
The massive 'TikTok Voice' TTS API — generate natural speech with ByteDance's iconic voice models.
Salesforce Marketing Cloud
Manage campaigns, track member engagement, measure marketing ROI, and optimize lead generation through natural conversation.
Razorpay
Automate online payments via Razorpay — manage orders, payments, and refunds directly from any AI agent.
You might also like
Flock
Manage team collaboration via Flock — send rich messages with FlockML, handle public channels and private groups, and search rosters directly from any AI agent.
Public Suffix Extractor
Extract the true root domain, TLD, and subdomain from any URL using the official Mozilla Public Suffix List.
Baidu Qianfan
Orchestrate Baidu Qianfan AI models — manage chat completions, embeddings, and prompt templates directly from any AI agent.