kafka-mcp-server
Verified Safeby tuannvm
Overview
Bridges LLM models with Apache Kafka, enabling AI agents to perform Kafka operations like producing/consuming messages, managing topics, monitoring consumer groups, and assessing cluster health via the Model Context Protocol (MCP).
Installation
go run cmd/main.goEnvironment Variables
- KAFKA_BROKERS
- KAFKA_CLIENT_ID
- MCP_TRANSPORT
- KAFKA_SASL_MECHANISM
- KAFKA_SASL_USER
- KAFKA_SASL_PASSWORD
- KAFKA_TLS_ENABLE
- KAFKA_TLS_INSECURE_SKIP_VERIFY
- MCP_HTTP_PORT
- OAUTH_ENABLED
- OAUTH_MODE
- OAUTH_PROVIDER
- OAUTH_SERVER_URL
- OIDC_ISSUER
- OIDC_CLIENT_ID
- OIDC_CLIENT_SECRET
- OIDCAudience
- OAUTH_REDIRECT_URIS
- JWT_SECRET
Security Notes
The server demonstrates strong security practices: sensitive configurations (SASL, OAuth secrets) are managed via environment variables (no hardcoding). It supports OAuth 2.1 for HTTP transport with multiple providers (Okta, Google, Azure AD, HMAC) and TLS for Kafka connections. The 'TLSInsecureSkipVerify' option is present but explicitly documented for development/testing only. Comprehensive input validation is implicitly handled by the MCP framework and explicitly in handlers. Continuous integration includes vulnerability scanning (Trivy, govulncheck) and dependency updates with security alerts (Renovate). No 'eval' or malicious patterns were identified.
Similar Servers
slack-mcp-server
Model Context Protocol (MCP) server providing real-time and historical Slack data access to AI models.
mcp-k8s-go
An MCP server enabling AI assistants and users to interact with and manage Kubernetes clusters by listing, getting, applying, and executing commands on Kubernetes resources.
quarkus-mcp-server
A secure Model Context Protocol (MCP) server that provides tools, prompts, and resources through SSE/HTTP and WebSocket, integrating with OIDC/OAuth2 providers for authentication.
tmcp
Build Model Context Protocol (MCP) servers for AI agents, providing schema-agnostic tools, resources, and prompts, with optional OAuth 2.1 authentication and distributed session management.