Critical-risk tools in Google Cloud NetApp Volumes MCP Server
16 of the 85 tools in Google Cloud NetApp Volumes MCP Server are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
gcnv_active_directory_deleteDestructiveDeletes an active directory configuration
-
gcnv_backup_deleteDestructiveDeletes a backup from the specified backup vault
-
gcnv_backup_policy_deleteDestructiveDeletes a backup policy in the specified project and location
-
gcnv_backup_vault_deleteDestructiveDeletes a backup vault in the specified project and location
-
gcnv_host_group_deleteDestructiveDeletes a host group in the specified project and location
-
gcnv_kms_config_deleteDestructiveDeletes a KMS configuration
-
gcnv_operation_cancelDestructiveCancels a long-running operation that is still in progress
-
gcnv_quota_rule_deleteDestructiveDeletes a quota rule
-
gcnv_replication_deleteDestructiveDeletes a replication configuration
-
gcnv_snapshot_deleteDestructiveDeletes a GCNV managed snapshot of a volume.
-
gcnv_snapshot_revertDestructiveReverts a GCNV managed volume to a previous snapshot.
-
gcnv_storage_pool_deleteDestructiveDeletes a storage pool in the specified project and location
-
gcnv_volume_deleteDestructiveDeletes a GCNV managed volume in the specified storage pool.
-
ontap_lun_deleteDestructiveDeletes a LUN by UUID. Returns a preview first — show it to the user and get explicit
-
ontap_snapshot_deleteDestructiveDeletes a snapshot from an ONTAP volume. Returns a preview first — show it to the user and get
-
ontap_volume_deleteDestructiveDeletes an ONTAP volume by UUID. Returns a preview first — show it to the user and get
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.