Google Cloud MCP Servers
Your data warehouse, object storage, container services, and message queues all live in Google Cloud — and until now, Gemini CLI has been on the outside looking in. Google's official MCP servers for BigQuery, Cloud Storage, Cloud Run, and Pub/Sub close that gap: you write one natural-language prompt, and Gemini queries your data warehouse, diagnoses your failing service, and reads your config files — all without leaving the terminal.
What You'll Learn
- Set up Application Default CredentialsADC (Application Default Credentials) is Google's standard mechanism for providing authentication to client libraries and SDKs. The gcloud CLI creates a local credentials file that any Google Cloud SDK automatically uses, so you don't hard-code service account keys. (ADC) for all Google Cloud MCP servers
- Connect the BigQuery MCP server and use natural language to query your data warehouse
- Read, write, and inspect Cloud Storage buckets with the GCS MCP server
- Diagnose and deploy Cloud Run services via MCP from the terminal
- Publish and monitor Pub/Sub topics with conversational prompts
- Chain BigQuery + GCS + Cloud Run into compound multi-service debugging workflows
- Set per-service IAM roles and billing caps to keep MCP usage safe and predictable
Why Google Cloud via MCP?
Before the BigQuery MCP server, using Gemini to analyze your data was like briefing a consultant from memory: you'd copy-paste schemas and a few rows into the chat and hope you described everything correctly. The pain: you missed the column you forgot about, the consultant wrote a query against the wrong table, and you spent 20 minutes debugging something that would have been obvious if they could just look at the schema. The mapping: connecting the BigQuery MCP server is like giving your consultant a live SQL console. Gemini can now introspect the schema, run exploratory queries, see the actual data, and iterate — all in one conversation loop, without you acting as a human relay between the tool and the model.
Google maintains official MCP serversMCP (Model Context Protocol) servers are local or remote processes that expose tools to an AI model via a standardized protocol. Each tool call has a name, parameters, and a return value. The AI model decides when to call each tool based on the conversation context. for the following services:
The official repos for these servers are github.com/googleapis/mcp-toolbox-for-databases (BigQuery, Spanner, Postgres, MySQL) and individual packages under the @google/mcp-server-* npm namespace for Cloud Run, GCS, Pub/Sub, Maps, and YouTube.
The average data team spends 4-6 hours per week writing one-off SQL queries to answer ad-hoc business questions. BigQuery MCP compresses that to minutes per question. Cloud Run MCP turns a 15-step incident response runbook into a 3-prompt conversation. These aren't productivity improvements — they're workflow eliminations.
Authentication: Application Default Credentials
ADCApplication Default Credentials — a Google Cloud authentication strategy where client libraries check a prioritized chain of credential sources. The chain is: (1) GOOGLE_APPLICATION_CREDENTIALS env var, (2) gcloud CLI user credentials (~/.config/gcloud/application_default_credentials.json), (3) attached service account (when running on GCP). This means the same code works locally and in production without changes. works by checking a prioritized credential chain: explicit credentials (via GOOGLE_APPLICATION_CREDENTIALS env var) → gcloud CLI user credentials → service account metadata (when running on GCP itself). For local development, gcloud auth application-default login creates a credentials file that the Google Cloud SDKs — and therefore all MCP servers — pick up automatically. You never embed credentials in config files.
# CHUNK 1 — Install gcloud CLI via winget
# WHAT: Downloads and installs the Google Cloud SDK on Windows
# WHY: gcloud provides the auth commands all MCP servers rely on
# GOTCHA: Restart your terminal after install so PATH is updated
winget install Google.CloudSDK
# CHUNK 2 — Authenticate for local development
# WHAT: Opens a browser OAuth flow that writes ADC credentials to disk
# WHY: These credentials are auto-detected by every Google Cloud SDK
# GOTCHA: Use --no-browser if running on a headless machine (it prints a URL)
gcloud auth application-default login
# CHUNK 3 — Set your default project
# WHAT: Configures which GCP project all gcloud and SDK commands target
# WHY: Most MCP servers inherit this default; you can also override per-server
gcloud config set project YOUR_PROJECT_ID
# CHUNK 4 — Verify credentials are working
# WHAT: Prints a short-lived access token — confirms ADC is set up correctly
# GOTCHA: Token expires after ~1 hour; gcloud refreshes it automatically
gcloud auth application-default print-access-token
# CHUNK 1 — Install gcloud CLI
# WHAT: Downloads and runs the Google Cloud SDK installer script
# GOTCHA: On M1/M2 Mac, use "brew install --cask google-cloud-sdk" instead
curl https://sdk.cloud.google.com | bash
exec -l $SHELL # reload shell to pick up PATH changes
# CHUNK 2 — Initialize and authenticate
# WHAT: gcloud init sets your project; ADC login creates local credentials
gcloud init
gcloud auth application-default login
# CHUNK 3 — For CI/CD: use a service account key file
# WHAT: Points ADC to a JSON key file instead of interactive credentials
# WHY: CI runners have no browser; service accounts are the right auth pattern
export GOOGLE_APPLICATION_CREDENTIALS="/path/to/service-account-key.json"
# CHUNK 4 — Verify
gcloud auth application-default print-access-token
~/.config/gcloud/application_default_credentials.json (Mac/Linux) or %APPDATA%\gcloud\application_default_credentials.json (Windows). Every Google Cloud MCP server reads this file automatically — you never reference it directly. GOTCHA (Windows): If you set GOOGLE_APPLICATION_CREDENTIALS to a path with backslashes in PowerShell, use forward slashes or escape the backslashes: C:/keys/sa-key.json.
For shared team configs or CI pipelines, create a dedicated service account in the GCP Console with the minimum required roles (see the Cost & Best Practices section). Download its JSON key, set GOOGLE_APPLICATION_CREDENTIALS in your environment or CI secrets, and every MCP server will use it automatically — no interactive login required.
BigQuery MCP — Natural Language to SQL
The BigQuery MCP serverAn MCP server that exposes BigQuery tools to Gemini: list_datasets, list_tables, get_table_schema, run_query, and describe_query_results. The server runs as a local npx process and communicates with BigQuery via the Google Cloud Node.js SDK using your ADC credentials. turns your entire data warehouse into a conversational interface. Gemini can list datasets, introspect table schemas, generate correct SQL, run queries, and interpret results — all from a single natural-language prompt.
Adding BigQuery MCP to GEMINI.md
# GEMINI.md — add this block to enable BigQuery MCP
## MCP Servers
- name: bigquery
command: npx
args:
- "-y"
- "@google/mcp-server-bigquery"
- "--project"
- "my-gcp-project"
- "--location"
- "US"
# CHUNK 1 — Install MCP Toolbox for Databases
# WHAT: Google's Python package that wraps BigQuery, Spanner, Postgres, etc.
# WHY: Use this if you need connection pooling or custom SQL templating
pip install mcp-toolbox-for-databases
# CHUNK 2 — Create toolbox_config.yaml
# WHAT: Declarative config that maps data sources to MCP tool sets
# GOTCHA: The YAML indentation is significant; use spaces, not tabs
# CHUNK 1 — Declare the BigQuery data source
# WHAT: Tells MCP Toolbox which GCP project and region to connect to
# WHY: You can define multiple sources (prod vs dev) in the same file
sources:
my_bq_source:
kind: bigquery
project: my-gcp-project
location: US
# CHUNK 2 — Define which tools Gemini gets access to
# WHAT: toolsets control which source-level operations are exposed as MCP tools
# GOTCHA: Omitting a toolset means Gemini has no BigQuery tools at all
toolsets:
bq_tools:
- source: my_bq_source
Real Workflows After Connecting
events— 2.1B rows, partitioned by event_date, clustered by user_id, event_nameusers— 4.2M rows, partitioned by created_dateorders,sessions,page_views,funnel_steps,ab_experiments
event_dateDATE — Partition column. Date the event occurred (UTC).event_timestampTIMESTAMP — Microsecond precision event time.user_idSTRING — Hashed user identifier. Null for anonymous sessions.event_nameSTRING — e.g. "page_view", "add_to_cart", "purchase"event_paramsARRAY<STRUCT> — Key-value event parameters. Use UNNEST() to query.
SELECT u.user_id, u.email, SUM(o.revenue_usd) AS total_revenue FROM `my-gcp-project.analytics.orders` o JOIN `my-gcp-project.analytics.users` u USING (user_id) WHERE o.event_date >= DATE_SUB(CURRENT_DATE(), INTERVAL 30 DAY) GROUP BY u.user_id, u.email ORDER BY total_revenue DESC LIMIT 10Query results (10 rows, 2.3 GB processed, 1.2s):
Top user: user_8821 — $48,204 total revenue. Median top-10 revenue: $19,670. These 10 users represent 3.2% of your user base but 22% of 30-day revenue.
All other 6 days: NORMAL within ±1.2 std devs of the 4-week mean. No other anomalies detected.
--maximum_bytes_billed flag (see Cost section) to cap accidental full-table scans.
What Just Happened?
Gemini made three separate MCP tool calls before writing a single line of SQL: it listed tables, fetched the schema, and only then generated a query it knew would work. This is the key difference from copy-pasting a schema: Gemini always has the current schema, never hallucinates column names, and can iterate if the first query returns unexpected results.
Cloud Storage MCP
## MCP Servers
- name: gcs
command: npx
args:
- "-y"
- "@google/mcp-server-gcs"
- "--project"
- "my-gcp-project"
Use Cases
List & Summarize
List all objects in gs://my-bucket/exports/ and summarize what file types and date ranges are present
Config Audit
Read gs://config-bucket/prod/config.json and check for deprecated settings or missing required keys
IAM Diagnosis
I'm getting 403 errors on gs://my-bucket. Check the bucket IAM policy and tell me what role is missing
Cross-env Diff
Compare gs://config/staging/app.yaml and gs://config/prod/app.yaml — what's different?
- DIFF
database.max_connections: prod=100, staging=25 - DIFF
cache.ttl_seconds: prod=3600, staging=300 - DEPRECATED
legacy_auth_enabled: prod=false, staging=true — this key is deprecated; staging config still has it set to true - DEPRECATED
deprecated_rate_limit: present in staging only — not in prod config at all
Recommendation: Remove legacy_auth_enabled and deprecated_rate_limit from staging config. Both are omitted from prod correctly.
Headless File Processing
For batch workflows, use Gemini CLI in non-interactive mode to process files in GCS from a script or CI step:
# WHAT: Run Gemini CLI headlessly to process GCS files in a CI/automation context
# WHY: --no-interactive suppresses the REPL so output can be piped or redirected
# GOTCHA: Requires GEMINI.md with gcs MCP configured in the working directory
gemini -p "Read gs://my-bucket/reports/*.csv and produce a JSON summary with total row counts and date ranges per file" --no-interactive | Out-File -FilePath summary.json
# WHAT: Same headless execution pattern for bash/CI environments
# WHY: Gemini output can be piped to jq, saved to files, or used in scripts
gemini -p "Read gs://my-bucket/reports/*.csv and produce a JSON summary with total row counts and date ranges per file" --no-interactive > summary.json
-p passes the prompt directly without opening an interactive session. --no-interactive ensures Gemini CLI exits after the first response rather than waiting for more input. GOTCHA: Glob patterns in GCS paths (*.csv) are resolved by the MCP server, not your shell. Quote the entire path to avoid shell expansion.
Cloud Run MCP
## MCP Servers
- name: cloudrun
command: npx
args:
- "-y"
- "@google/mcp-server-cloudrun"
- "--project"
- "my-gcp-project"
- "--region"
- "us-central1"
Incident Response Workflow
- ERROR
ECONNREFUSED connecting to redis:6379— 48 occurrences since 14:23 UTC - ERROR
Request timeout (5s) on /api/cart/checkout— 2 occurrences
REDIS_HOST=redis:6379 but the internal DNS for the Redis service was recently renamed to redis-cache:6379. The previous revision did not have this error.
Recommended fix: Update the REDIS_HOST env var to redis-cache:6379 in the Cloud Run service config and deploy a new revision. Or roll back to api-prod-00046 immediately.
- Memory: 512Mi — CPU: 2 — Min instances: 1 — Max instances: 100
- New revision: api-prod-00048-abc (deployed in 47s)
- Traffic split: 90% → api-prod-00047-xyz (stable) / 10% → api-prod-00048-abc (new)
Monitoring error rates for 5 minutes... New revision error rate: 0.02% vs. stable: 0.03%. Latency p99: 180ms vs. 220ms. New revision is healthier. Reply "promote" to shift 100% traffic, or "rollback" to revert.
A typical Cloud Run incident response with manual gcloud commands takes 12-18 minutes: fetching logs, reading revision history, identifying the change, deploying a fix. The same workflow via Cloud Run MCP takes 2-3 minutes because Gemini drives all the gcloud commands and interprets the outputs. At 3 AM during an on-call incident, that time difference is significant.
Pub/Sub MCP
## MCP Servers
- name: pubsub
command: npx
args:
- "-y"
- "@google/mcp-server-pubsub"
- "--project"
- "my-gcp-project"
Pub/SubGoogle Cloud Pub/Sub is an asynchronous messaging service. Publishers send messages to named topics; subscribers pull from or receive push-delivered messages via subscriptions. It decouples services that produce events from services that consume them, and buffers messages during downstream outages. MCP exposes tools for: listing topics and subscriptions, reading unacked message counts, pulling messages from a subscription (for inspection), and publishing test messages to topics. It does not expose destructive operations like deleting topics by default — you need to explicitly enable those in the server config.
Health Check
List all Pub/Sub topics and show unacked message counts for each subscription
Backlog Diagnosis
My 'payment-events' subscription has 50,000 unacked messages. What should I investigate first?
Test Event
Publish a test event to 'user-signup-topic' with payload {"user_id": "test-123"}
Dead Letter Audit
Check the 'orders-dlq' dead letter queue. Pull the last 5 messages and explain why they failed
- Unacked message count: 52,341 (growing — +1,200 in last 5 min)
- Oldest unacked message age: 2h 14min
- Subscriber pull rate: 0 messages/sec (subscriber is not pulling)
- The consuming service crashed or is OOM-killed (check Cloud Run logs for payment-processor service)
- The subscriber's ack deadline (default: 10s) is too short for slow processing, causing repeated redelivery
- Authentication error on the subscriber side (check IAM: it needs
roles/pubsub.subscriber)
Immediate action: Check Cloud Run service "payment-processor" logs. If it's healthy, increase the ack deadline to 60s and re-check in 5 minutes.
subscriptions.get to read the backlog stats and subscriptions.getIamPolicy to check subscriber permissions. Gemini synthesized these into a ranked list of root causes. GOTCHA: Pub/Sub's "oldest unacked message age" metric is the most reliable signal of subscriber health — message count alone can be misleading if messages are large.
Multi-Service Compound Workflows
Registering multiple MCP servers in GEMINI.md lets Gemini route tool calls to the right service automatically. You describe the goal; Gemini figures out which combination of BigQuery, GCS, Cloud Run, and Pub/Sub calls to make.
## MCP Servers
- name: bigquery
command: npx
args: ["-y", "@google/mcp-server-bigquery", "--project", "my-project"]
- name: gcs
command: npx
args: ["-y", "@google/mcp-server-gcs", "--project", "my-project"]
- name: cloudrun
command: npx
args: ["-y", "@google/mcp-server-cloudrun", "--project", "my-project", "--region", "us-central1"]
Compound Workflow 1 — ETL Pipeline Debugging
Step 2 — GCS output files: FAILED Directory gs://my-bucket/exports/2026-06-10/ does not exist. Found 2026-06-09/ (yesterday) but no 2026-06-10/ prefix. The ETL job completed but wrote files to the wrong date partition.
Step 3 — BigQuery load: FAILED analytics.daily_summary has no row for 2026-06-10. The BigQuery load step depends on the GCS files existing — it skipped because Step 2 failed.
Root cause: The ETL Cloud Run job wrote output to 2026-06-09 instead of 2026-06-10. Likely a timezone bug — the container's TZ is UTC+0 but the partition date logic uses system local time. Check the TARGET_DATE env var in the job definition.
Compound Workflow 2 — Release Validation
/api/v1/legacy-endpoint, not 500s.
BigQuery analytics.api_errors (last 15 min): 2 rows matching the same 404 pattern.
Yesterday 14:00–14:15 UTC baseline: 0 errors. These 404s are new with v2.1.0.
Verdict: INVESTIGATE The deployment is healthy for the new API surface (no 500s, latency normal). However v2.1.0 appears to have removed /api/v1/legacy-endpoint without a redirect. If clients are calling that path, they'll receive 404s. Check if any active clients use it before promoting to 100% traffic.
What Just Happened?
Gemini dispatched tool calls to three separate MCP servers, received independent results, and synthesized them into a single coherent answer with a root cause and recommended fix. From your perspective: one prompt. From Gemini's perspective: a mini orchestration run across your entire infrastructure stack.
Checkpoint — You Now Have a Natural-Language Infrastructure Console
With BigQuery, GCS, Cloud Run, and Pub/Sub MCP servers registered, Gemini CLI can answer questions about your entire Google Cloud stack without you running a single gcloud command. The GEMINI.md config file is the only thing connecting the model to your infrastructure — commit it to version control so your whole team benefits.
Maps & YouTube MCP
These MCP servers use API keysAPI keys are simple bearer tokens used by Google Maps Platform and YouTube Data API. Unlike ADC, they are tied to specific APIs and billed per request. Always restrict your API key to specific APIs and referrer/IP in the Google Cloud Console to prevent misuse. rather than ADC — set them in your environment before starting the MCP server.
Google Maps Platform MCP
## MCP Servers
- name: maps
command: npx
args:
- "-y"
- "@google/mcp-server-maps"
- "--api-key"
- "${GOOGLE_MAPS_API_KEY}"
# PowerShell — set for current session
$env:GOOGLE_MAPS_API_KEY = "AIzaSy..."
# Or set permanently in user profile
[Environment]::SetEnvironmentVariable("GOOGLE_MAPS_API_KEY", "AIzaSy...", "User")
Bulk Geocoding
Geocode all 500 addresses in this CSV and add latitude/longitude columns
Nearest Location
Given this list of 20 service centers, find the 3 nearest to zip code 94107
Route Optimization
Calculate driving time between these 10 depot-to-customer pairs for today's delivery schedule
Address Validation
Check this customer address list for invalid or ambiguous entries before loading to CRM
YouTube Data API MCP
## MCP Servers
- name: youtube
command: npx
args:
- "-y"
- "@google/mcp-server-youtube"
- "--api-key"
- "${GOOGLE_YOUTUBE_API_KEY}"
Competitor Analysis
Get the last 20 videos from channels A, B, and C. Which topics are getting the most views?
Performance Trends
Show views, likes, and comment counts for my channel's last 50 videos. What's trending up?
Bulk Metadata
Update descriptions for all videos in playlist "Product Demos" to include our new CTA text
Search Intent
What are the top 10 YouTube videos for "kubernetes debugging"? Summarize the content gaps
Maps and YouTube use simple API keys, not ADC. This means they bypass IAM role restrictions — the key has access to whatever APIs it's enabled for. Always restrict your API key in the Google Cloud Console to only the Maps/YouTube APIs you need, and set application restrictions (HTTP referrer or IP range). Never commit API keys to version control — use environment variables or a secrets manager.
Cost, Quotas & Best Practices
Per-Service Cost Profile
| Service | What's Billed | Safety Mechanism |
|---|---|---|
| BigQuery | Data scanned per query ($6.25/TB). Even a schema introspection query scans some data. | --maximum_bytes_billed flag on the MCP server |
| Cloud Run | Reads/logs are free. Deployments count toward Cloud Run invocations ($0.40/million). | IAM: restrict to roles/run.developer not admin |
| Cloud Storage | List and read operations ($0.004/10k ops). Large file reads count as Class B ops. | Use a read-only service account for GCS MCP |
| Pub/Sub | Message delivery ($0.04/GB). MCP pull operations count as subscriber pulls. | Limit max_messages in pull config |
| Maps Platform | Per-request billing ($0.005–$0.017 depending on API). No free tier for bulk use. | Set daily quota limit in Cloud Console |
| YouTube Data API | Unit-based quota (10,000 units/day free). Search costs 100 units/request. | Monitor quota usage in Cloud Console dashboard |
BigQuery Cost Guard
## MCP Servers
- name: bigquery
command: npx
args:
- "-y"
- "@google/mcp-server-bigquery"
- "--project"
- "my-gcp-project"
- "--location"
- "US"
- "--maximum_bytes_billed"
- "10737418240" # 10 GB cap — queries scanning more than this will fail safely
--maximum_bytes_billed sets a per-query limit. Any query that would scan more than 10 GB returns an error instead of running. WHY: Accidental full-table scans on a 50-TB table would cost $312. This flag caps your exposure. GOTCHA: Set the limit in bytes, not gigabytes. 1 GB = 1,073,741,824 bytes.
Minimum-Privilege IAM Setup
Create a dedicated service account for your MCP servers and grant only the roles each service actually needs:
# CHUNK 1 — Create a dedicated service account for MCP servers
# WHAT: One SA for all MCP servers, minimal privilege
# WHY: If credentials are ever leaked, the blast radius is limited
$PROJECT = "my-gcp-project"
$SA_NAME = "gemini-mcp-agent"
gcloud iam service-accounts create $SA_NAME `
--display-name "Gemini CLI MCP Agent" `
--project $PROJECT
$SA_EMAIL = "$SA_NAME@$PROJECT.iam.gserviceaccount.com"
# CHUNK 2 — Grant BigQuery read + job run (but not write)
# WHAT: Data Viewer lets the SA read tables/schemas; Job User lets it run queries
# GOTCHA: Do NOT grant BigQuery Admin or Data Editor unless you need writes
gcloud projects add-iam-policy-binding $PROJECT `
--member "serviceAccount:$SA_EMAIL" `
--role "roles/bigquery.dataViewer"
gcloud projects add-iam-policy-binding $PROJECT `
--member "serviceAccount:$SA_EMAIL" `
--role "roles/bigquery.jobUser"
# CHUNK 3 — Grant GCS read-only
gcloud projects add-iam-policy-binding $PROJECT `
--member "serviceAccount:$SA_EMAIL" `
--role "roles/storage.objectViewer"
# CHUNK 4 — Grant Cloud Run developer (not admin)
# WHAT: Developer can deploy and view logs but cannot delete services
gcloud projects add-iam-policy-binding $PROJECT `
--member "serviceAccount:$SA_EMAIL" `
--role "roles/run.developer"
# CHUNK 5 — Download the key and set ADC
gcloud iam service-accounts keys create gemini-mcp-key.json `
--iam-account $SA_EMAIL
$env:GOOGLE_APPLICATION_CREDENTIALS = "C:/keys/gemini-mcp-key.json"
PROJECT="my-gcp-project"
SA_NAME="gemini-mcp-agent"
SA_EMAIL="$SA_NAME@$PROJECT.iam.gserviceaccount.com"
# Create service account
gcloud iam service-accounts create $SA_NAME \
--display-name "Gemini CLI MCP Agent" \
--project $PROJECT
# BigQuery: read schemas + run queries (no writes)
gcloud projects add-iam-policy-binding $PROJECT \
--member "serviceAccount:$SA_EMAIL" \
--role "roles/bigquery.dataViewer"
gcloud projects add-iam-policy-binding $PROJECT \
--member "serviceAccount:$SA_EMAIL" \
--role "roles/bigquery.jobUser"
# Cloud Storage: read only
gcloud projects add-iam-policy-binding $PROJECT \
--member "serviceAccount:$SA_EMAIL" \
--role "roles/storage.objectViewer"
# Cloud Run: deploy + logs, not delete
gcloud projects add-iam-policy-binding $PROJECT \
--member "serviceAccount:$SA_EMAIL" \
--role "roles/run.developer"
# Download key and set ADC
gcloud iam service-accounts keys create ~/keys/gemini-mcp-key.json \
--iam-account $SA_EMAIL
export GOOGLE_APPLICATION_CREDENTIALS="$HOME/keys/gemini-mcp-key.json"
Recommended IAM Roles by Service
| MCP Server | Minimum Read-Only Role | Role to Add for Writes/Deploy |
|---|---|---|
| BigQuery | roles/bigquery.dataViewer + roles/bigquery.jobUser |
roles/bigquery.dataEditor (for INSERT/UPDATE) |
| Cloud Storage | roles/storage.objectViewer |
roles/storage.objectAdmin (for write/delete) |
| Cloud Run | roles/run.viewer |
roles/run.developer (for deploy) |
| Pub/Sub | roles/pubsub.viewer |
roles/pubsub.publisher + roles/pubsub.subscriber |
When setting GOOGLE_APPLICATION_CREDENTIALS in PowerShell, Windows path backslashes can cause parsing errors in some SDKs. Use forward slashes: $env:GOOGLE_APPLICATION_CREDENTIALS = "C:/keys/gemini-mcp-key.json". Alternatively, use a raw string: [Environment]::SetEnvironmentVariable(...). This affects both the npm-based MCP servers and the Python MCP Toolbox.
Use different service accounts for dev, staging, and prod GEMINI.md configs. Your dev SA should have read-only access to dev datasets; your prod SA should have the minimal roles needed for production operations. Store each key in your environment's secret manager (Secret Manager, 1Password, or CI secrets), not on local disk.
Knowledge Check
Six questions on Google Cloud MCP servers.
1. What command sets up Application Default Credentials for local Gemini CLI MCP use on Windows?
GEMINI_GCLOUD_KEY environment variable to your service account JSON path
gcloud auth application-default login after installing the gcloud CLI
auth_token field to GEMINI.md under each MCP server entry
gemini auth gcloud --login within the Gemini CLI REPL
gcloud auth application-default login writes a credentials file that every Google Cloud SDK (including all MCP servers) automatically detects. You run it once and all MCP servers pick it up without any per-server configuration.gcloud auth application-default login. This creates a local credentials file that all Google Cloud SDKs (and therefore all Google Cloud MCP servers) read automatically. No API key or per-server config is needed for ADC.2. How do you add the BigQuery MCP server to a project's GEMINI.md to connect to the "my-project" GCP project?
bigquery: true under a google_cloud: section in GEMINI.md
gemini extensions install bigquery --project my-project
command: npx, args: ["-y", "@google/mcp-server-bigquery", "--project", "my-project"]
BIGQUERY_PROJECT=my-project environment variable and restart Gemini CLI
3. What are the two minimum IAM roles the BigQuery MCP service account needs to run queries (not write data)?
roles/bigquery.admin and roles/bigquery.dataOwner
roles/bigquery.dataEditor and roles/bigquery.user
roles/bigquery.dataViewer and roles/bigquery.jobUser
roles/bigquery.readSessionUser alone is sufficient
bigquery.dataViewer allows reading table data and schemas. bigquery.jobUser allows creating and running query jobs. Both are needed: Viewer without JobUser means you can see the schema but can't execute queries.roles/bigquery.dataViewer (to read table schemas and data) and roles/bigquery.jobUser (to run query jobs). Admin and dataOwner grant far more permissions than needed and violate least-privilege.4. What flag prevents the BigQuery MCP server from running a query that would scan more than a specified amount of data?
--max-scan-gb
--dry-run
--maximum_bytes_billed
--query-budget
--maximum_bytes_billed is passed as a command-line argument to the @google/mcp-server-bigquery npx command in GEMINI.md. Queries that would scan more than this byte limit return an error instead of executing, protecting you from accidental full-table scan costs.--maximum_bytes_billed (in bytes, not gigabytes). It's passed as an argument to the @google/mcp-server-bigquery npx command in GEMINI.md. A 10 GB limit = 10,737,418,240 bytes.5. Your Cloud Run service 'api-prod' is returning 500 errors. Which MCP server would you use to fetch the recent error logs and diagnose the root cause?
@google/mcp-server-cloudrun)
/gcalendar Workspace command
@google/mcp-server-cloudrun) has direct access to Cloud Run service logs, revision history, and deployment status. BigQuery and GCS are not the right tools for live service log access.