From 63904c0b904d8305a03da1b5e3e279bffb50dc55 Mon Sep 17 00:00:00 2001
From: Joseph Hanson <joe@veri.dev>
Date: Sun, 22 Sep 2024 17:14:41 -0500
Subject: [PATCH] test new authorization rules

---
 kubernetes/apps/database/emqx/cluster/cluster.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/kubernetes/apps/database/emqx/cluster/cluster.yaml b/kubernetes/apps/database/emqx/cluster/cluster.yaml
index 62e48c56..8f7d531d 100644
--- a/kubernetes/apps/database/emqx/cluster/cluster.yaml
+++ b/kubernetes/apps/database/emqx/cluster/cluster.yaml
@@ -23,6 +23,14 @@ spec:
           {
             type = built_in_database
             enable = true
+            rules = [
+              {allow, {pattern, "tasmota_"}, publish, ["tasmota/discovery/#"]}.
+              {allow, all, subscribe, ["tasmota/discovery/#"]}.
+              {allow, {pattern, "tasmota_"}, publish, ["cmnd/tasmota_+/#"]}.
+              {allow, {pattern, "tasmota_"}, publish, ["stat/tasmota_+/#"]}.
+              {allow, {pattern, "tasmota_"}, publish, ["tele/tasmota_+/#"]}.
+              {allow, all, subscribe, ["cmnd/tasmota_+/#", "stat/tasmota_+/#", "tele/tasmota_+/#"]}.
+            ]
           }
         ]
         no_match: "deny"