software

GCP Claude Code Plugin

Published: (April 21, 2026 at 04:08 PM EDT)
3 min read
Source: Dev.to

Source: Dev.to

Overview

Claude Code on GCP currently offers only basic MCP servers that give Claude API access to GCP services, without the deeper infrastructure knowledge needed for production‑grade deployments. To fill this gap, an open‑source Claude Code plugin (Apache 2.0) provides skills, agents, hooks, slash commands, and starter templates that teach Claude how to work with GCP infrastructure—deploy patterns, IAM least‑privilege practices, Secret Manager workflows, Cloud Build triggers, and more.

GitHub:

Features

Skills & References

  • Cloud Run – deploy, scale, traffic splitting, canary/blue‑green, jobs
  • Cloud Build – CI/CD pipelines, triggers, caching, approvals
  • IAM – service accounts, least privilege, Workload Identity Federation, custom roles
  • Secret Manager – create/version/mount secrets, rotation, access patterns

Each skill includes a SKILL.md and a references/ directory with deep‑dive guides for specific patterns.

Agents

  • Orchestration Agent – detects project type, validates the Dockerfile, builds the image, deploys to Cloud Run, and verifies health.
  • Security Audit Agent – scans IAM configurations for overly broad roles.
  • Cost Agent – provides cost estimates for proposed actions.
  • Incident Agent – monitors service health and surfaces errors.

Commands (Slash Commands)

  • /gcp-deploy – interactive deploy wizard
  • /gcp-status – service health dashboard (revisions, traffic, errors, resource config)

Safety Protocol

  • CLAUDE.md Safety Protocol – Claude must explain every command (purpose, billing impact, reversibility) and obtain explicit confirmation before execution.
  • PreToolUse Hook – automatically intercepts and blocks high‑risk commands such as destructive operations, overly broad IAM roles (roles/editor, roles/owner), public access grants, and service‑account key creation.
  • Built‑in Permission System – every Bash command in the terminal requires user approval; the hook feeds context back to Claude for re‑confirmation.

Example Setup

# Clone the repository
git clone https://github.com/shamis6ali/claude-gcp.git
# Run Claude with the plugin directory
claude --plugin-dir /path/to/claude-gcp

Sample Use Cases

  • FastAPI on Cloud Run – FastAPI app with Secret Manager integration and structured logging.
  • GitHub Actions + WIF – keyless deployments using Workload Identity Federation (no service‑account keys).

Release History

  • v0.2.0 – Vertex AI, Cloud Tasks, VPC Networking, Security Audit Agent, Cost Agent
  • v0.3.0 – Cloud Logging, Cloud Storage, Pub/Sub, Incident Agent
  • v1.0.0 – Full test coverage, plugin marketplace submission

Installation & Usage

# Install the plugin (assuming Claude is already installed)
claude --plugin-dir /path/to/claude-gcp

After installation, use the slash commands (/gcp-deploy, /gcp-status) within Claude to interactively manage GCP resources.

Feedback & Contributions

Feedback on which GCP services to cover next is welcome. Please drop a comment or open an issue on the GitHub repository.

0 views
#software #programming #community
View source
Share:
Back to Blog

Related posts

Read more »