# Google Cloud Storage MCP

> Google Cloud Storage MCP lets you manage your entire cloud storage infrastructure through natural language conversation. Use your AI agent to list buckets, inspect file metadata, audit security permissions (IAM/ACLs), and move data—all without navigating the GCP Console. It's full control over GCS objects and buckets, handled by simple commands.

## Overview
- **Category:** industry-titans
- **Price:** Free
- **Tags:** bucket-management, file-storage, data-archiving, object-metadata, cloud-ops, access-control

## Description

Managing large cloud storage projects usually means spending hours in complex consoles, clicking through nested menus just to check a file size or verify who has access. This MCP changes that. You connect your Google Cloud Storage project, and your AI agent becomes your dedicated administrator. Instead of running API calls manually, you simply ask natural language questions: 'Show me the status of all development buckets' or 'Who can read the user logs in this bucket?' The agent handles the underlying complexity, reading the metadata, checking security policies, and executing operations like uploading new content or copying objects between locations. It means your AI client doesn't just talk to storage; it acts like a knowledgeable cloud ops specialist. This is how Vinkius makes powerful infrastructure tools accessible directly through conversation.

## Tools

### copy_object
Copies a file from one location to another, either within the same bucket or across different buckets.

### delete_object
Permanently removes a specified object (file) from its current bucket.

### get_bucket_iam
Retrieves the full IAM policy that controls who has access to an entire bucket.

### get_bucket_metadata
Gets key information, like creation date and location, for a specific bucket.

### get_object_metadata
Retrieves detailed metadata (size, type, dates) for a single file inside a bucket.

### get_project_service_account
Checks the assigned service account details used by the project's storage resources.

### list_bucket_acl
Lists all current permissions and access rules applied to an entire bucket.

### list_buckets
Retrieves a list of every single storage bucket available in your project.

### list_hmac_keys
Lists the unique HMAC keys associated with a service account for integration purposes.

### list_object_acl
Checks and lists all permissions applied only to one specific object (file).

### list_objects
Finds and lists all files within a bucket that match a given prefix or folder path.

### upload_object
Transfers a new file from your local environment into an empty or existing cloud bucket.

## Prompt Examples

**Prompt:** 
```
List all buckets in my Google Cloud project.
```

**Response:** 
```
Retrieving buckets... You have 4 buckets: 1. 'prod-assets-9302', 2. 'staging-logs-backup', 3. 'user-uploads-data', 4. 'temp-exports'. Would you like the metadata for the 'prod-assets' bucket?
```

**Prompt:** 
```
Find all files in bucket 'prod-assets' that start with 'images/2024/'.
```

**Response:** 
```
Browsing objects... I found 15 objects with that prefix. Notable files include 'logo-v1.png', 'hero-background.jpg', and 'icon-set.svg'. Would you like to see the metadata for 'logo-v1.png'?
```

**Prompt:** 
```
Check who has access to the 'user-uploads-data' bucket.
```

**Response:** 
```
Auditing bucket ACL... The 'user-uploads-data' bucket is restricted to internal service accounts and specific team members (admins). Public access ('allUsers') is currently NOT granted. Would you like the full IAM policy details?
```

## Capabilities

### Discovering and listing buckets
See a complete list of all buckets in your project, along with their specific location and storage class details.

### Finding files within buckets
Browse for objects inside a bucket using prefixes (like folders) to filter down thousands of stored files quickly.

### Uploading new data
Transfer text-based content or artifacts directly into any specified bucket in the cloud.

### Moving and deleting objects
Copy files from one bucket to another, or permanently delete specific objects that are no longer needed.

### Checking security policies
Audit the Access Control Lists (ACLs) and Identity and Access Management (IAM) policies for both entire buckets and individual files.

### Retrieving system details
Get detailed information about the project's service accounts or list keys used for cross-cloud integrations.

## Use Cases

### Verifying compliance before launch
A security team needs to ensure that no sensitive user data is publicly exposed. They ask the agent to check 'user-uploads-data' bucket permissions using list_bucket_acl and get_bucket_iam, confirming public access ('allUsers') is blocked across all objects.

### Archiving old datasets
A data scientist needs to move a year's worth of raw logs from 'logs/2023/' to the cold storage archive. They instruct the agent to list_objects for that prefix and then execute copy_object, keeping the original file intact.

### Troubleshooting missing assets
A cloud engineer can't find a specific build artifact. Instead of opening the console, they ask the agent to list_objects using a known prefix ('assets/images/') and get_object_metadata to verify the exact file name and size.

### Setting up new pipelines
A developer needs to test data flow. They use upload_object to push a dummy configuration file into the staging bucket, then ask list_buckets to confirm the asset is visible and available for downstream processes.

## Benefits

- Audit compliance instantly: Instead of navigating complex IAM and ACL settings, simply ask the agent to check who has read or write access to a specific bucket using list_bucket_acl. You get an immediate pass/fail report.
- Stop manual file checking: Need to know if 'build-v3.zip' exists? Ask your AI client to use list_object_acl and get_object_metadata, getting the status instantly without opening the console.
- Efficient data movement: Use copy_object or upload_object to move datasets between staging and production buckets in a single conversational turn. No more multi-step GUI transfers.
- Deep security oversight: The agent lets you check project service accounts using get_project_service_account, ensuring that cross-cloud integrations are running with the correct permissions.
- Massive time savings for ops teams: Combining list_buckets and list_objects allows your AI client to map out complex data architectures—from finding all assets in 'prod' to locating a specific log file deep within 'logs/2024/'.
- Full lifecycle management: Easily control the full object life cycle, whether you need to delete_object obsolete files or copy_object them for archival purposes.

## How It Works

The bottom line is, you get full control over complex cloud storage operations without ever opening a web console.

1. First, subscribe to this MCP and provide your Google Cloud Project ID along with your OAuth credentials.
2. Next, complete the required secure authorization flow to grant access to your cloud data within the system.
3. Finally, start asking your AI agent questions in Claude, Cursor, or any compatible client. It executes commands like listing buckets or checking permissions on demand.

## Frequently Asked Questions

**How do I check permissions on a specific file using Google Cloud Storage MCP?**
Use list_object_acl to check the access rules for any single file. This is much faster than checking the entire bucket's policy if you only care about one item.

**Can I list all my buckets using Google Cloud Storage MCP?**
Yes, use list_buckets to retrieve a complete roster of every single bucket in your project. This is the starting point for any large-scale audit or inventory task.

**What tool do I use to move files from one storage location to another?**
Use copy_object. This function lets you transfer data between buckets, which is safer than deleting and re-uploading the file manually.

**Does Google Cloud Storage MCP handle metadata retrieval for multiple files?**
Yes, you can request get_object_metadata or list_objects to gather size and modification dates for many files at once through a single query.

**If I need to delete old logs, which tool should I use with Google Cloud Storage MCP?**
Use delete_object. Remember that this action is permanent, so always confirm the file name and bucket before confirming deletion via your agent.