Model Context Protocol moderate risk

Confluent

The mcp-confluent server enables AI assistants to interact with Confluent Cloud REST APIs for managing Kafka, Flink, and related services via natural language.

Connections & Capabilities

Connects To

GitHubDockerAWSGCPS3

Capabilities

readwriteexecadmin

Quickstart

Install

npx @confluentinc/mcp-confluent --generate-key

Config

{
  "mcpServers": {
    "confluent": {
      "command": "node",
      "args": [
        "/path/to/confluent-mcp-server/dist/index.js",
         "--env-file",
        "/path/to/confluent-mcp-server/.env",
      ]
    }
  }
}

Exposed MCP Tools (8)

moderate

Create Kafka Topic

Creates a new Kafka topic with specified configurations.

Creates new resources, impacting cluster capacity and potentially data governance.

critical

Delete Kafka Topic

Deletes an existing Kafka topic, including its data.

Destructive operation that permanently removes data.

safe

List Kafka Topics

Lists all Kafka topics in the cluster.

Read-only operation with no side effects.

moderate

Create Flink SQL Statement

Creates a new Flink SQL statement for data processing.

Creates a new data processing job that could consume resources.

high

Delete Flink SQL Statement

Deletes an existing Flink SQL statement.

Removes a data processing job, potentially disrupting data pipelines.

safe

List Connectors

Lists all Kafka Connect connectors.

Read-only operation.

moderate

Create Connector

Creates a new Kafka Connect connector.

Creates a new connector, impacting data flow and resource utilization.

high

Delete Connector

Deletes a Kafka Connect connector.

Removes a connector, potentially disrupting data ingestion or egress.

Safety Assessment

This server provides some security measures like API key authentication and host validation. However, the ability to perform write and delete operations on critical infrastructure components means that compromised credentials could lead to significant damage. Use with caution and restrict API key access.

API key authentication for HTTP/SSE transports
DNS rebinding protection with host header validation
Binds to localhost by default to prevent internet exposure
Option to disable authentication for local development (with warning)

Requires storing Confluent Cloud API keys as environment variables
Potential for unauthorized access if API key is compromised
Write and delete operations possible on Kafka, Flink, and connectors
No mention of explicit RBAC beyond API key authentication