CloudSignal Docs
DashboardAccess Control

Policy Simulator

Test access control policies before deploying

The policy simulator lets you test whether a specific user would be allowed or denied access to a topic, without deploying the policy.

Using the Simulator

  1. Navigate to Dashboard → Access Control
  2. Click the Simulator button in the toolbar
  3. Enter test parameters:
    • Username: The MQTT username to test (e.g., sensor-001)
    • Topic: The topic to test (e.g., data/sensor-001/temperature)
    • Action: publish or subscribe
  4. Click Simulate
  5. The result shows Allowed or Denied with the matching rule

What Gets Tested

The simulator evaluates your current editor content, not the deployed policy. This means you can:

  1. Edit the policy in the editor
  2. Test it in the simulator
  3. Iterate until the rules are correct
  4. Then deploy

The simulator tests against the policy currently in the editor, not the live deployed policy. This lets you safely experiment before deploying.

Example

Testing with:

  • Username: sensor-001
  • Topic: data/sensor-001/temperature
  • Action: publish

Against this policy:

{
  "rules": [
    { "user": "sensor-*", "topic": "data/{username}/#", "permission": "publish" }
  ]
}

Result: Allowed - matches rule 1 (sensor-* matches sensor-001, data/{username}/# resolves to data/sensor-001/# which matches data/sensor-001/temperature)

ACL Presets

Start with pre-built access control templates

Sessions

Monitor live MQTT sessions, filter by status, and disconnect clients

On this page

Using the SimulatorWhat Gets TestedExample