mcp_kafka
Verified Safeby williajm
Overview
Provides AI assistants with safe, controlled access to Apache Kafka clusters for data management and observation.
Installation
uv run mcp-kafkaEnvironment Variables
- KAFKA_BOOTSTRAP_SERVERS
- KAFKA_CLIENT_ID
- KAFKA_TIMEOUT
- KAFKA_SECURITY_PROTOCOL
- KAFKA_SASL_MECHANISM
- KAFKA_SASL_USERNAME
- KAFKA_SASL_PASSWORD
- KAFKA_SASL_KERBEROS_SERVICE_NAME
- KAFKA_SASL_KERBEROS_KEYTAB
- KAFKA_SASL_KERBEROS_PRINCIPAL
- KAFKA_SSL_CA_LOCATION
- KAFKA_SSL_CERTIFICATE_LOCATION
- KAFKA_SSL_KEY_LOCATION
- KAFKA_SSL_KEY_PASSWORD
- SAFETY_ALLOW_WRITE_OPERATIONS
- SAFETY_MAX_CONSUME_MESSAGES
- SAFETY_MAX_MESSAGE_SIZE
- SAFETY_TOPIC_BLOCKLIST
- SAFETY_ALLOWED_TOOLS
- SAFETY_DENIED_TOOLS
- SECURITY_RATE_LIMIT_ENABLED
- SECURITY_RATE_LIMIT_RPM
- SECURITY_AUDIT_LOG_ENABLED
- SECURITY_AUDIT_LOG_FILE
- SECURITY_ALLOWED_CLIENT_IPS
- SECURITY_OAUTH_ENABLED
- SECURITY_OAUTH_ISSUER
- SECURITY_OAUTH_AUDIENCE
- SECURITY_OAUTH_JWKS_URL
- MCP_SERVER_NAME
- MCP_LOG_LEVEL
- MCP_JSON_LOGGING
- MCP_DEBUG_MODE
- MCP_KAFKA_LOG_PATH
Security Notes
The server demonstrates a strong focus on security, implementing 2-tier access control (READ/WRITE), configurable topic/group blocklisting, and message size limits. It uses Pydantic's SecretStr for sensitive configuration values like passwords and private keys. Robust input validation is present to prevent invalid topic names or partitions. Rate limiting is implemented to prevent abuse, and comprehensive audit logging with automatic sensitive data redaction ensures traceability. Additionally, JWKS URL validation helps prevent Server-Side Request Forgery (SSRF) attacks.
Similar Servers
kubernetes-mcp-server
Provides a Model Context Protocol (MCP) server for AI agents to interact with Kubernetes and OpenShift clusters, enabling AI-driven cluster management and diagnosis.
mcp-kubernetes
The mcp-kubernetes server acts as a bridge for AI assistants to interact with Kubernetes clusters, translating natural language requests into kubectl, Helm, Cilium, or Hubble operations for debugging and management.
mcp-server-kibana
This server provides a Model Context Protocol (MCP) interface to Kibana, enabling natural language or programmatic access for managing saved objects, executing API requests, and querying server status, with multi-space and dual transport support.
kafka-mcp-server
Bridges LLM models with Apache Kafka, enabling AI agents to perform Kafka operations like producing/consuming messages, managing topics, monitoring consumer groups, and assessing cluster health via the Model Context Protocol (MCP).