Hello Swapnil,
Based on my reading of your post you have 2 questions regarding Advanced Event Mesh.
First : Can you control who has access to data flowing across the Advanced Event Mesh broker?
- Control who can access a queue. This is set inside a queue. You can specify a queue owner. The owner will be a client username that is provisioned on the broker. Then you can manage the access of non-owner users to the queue. If you set to no-access then only clients connected as the owner client username will be able to bind to and consume messages from the queue.
- Control access to topics. This is managed with ACL Profile. ACL Profile controls a client usernames ability to publish and subscribe to topics. These controls are constructed with allow exceptions (things a client username explicitly cannot access) or disallow exceptions (things that client usernames explicitly can access). You will use the AEM topic hierarchy with wildcards to specify these exceptions. You can read further here:
https://help.pubsub.em.services.cloud.sap/Security/Granting-Clients-Access.htm
Second : Can the SAP sm59 destination know if it can publish to a topic? *I am assuming based on other posts you have made that you are using SAP S4/Hana native eventing functionality.
Basically no the sm59 destination cannot know. It will receive an error if it tries to publish to a topic that an ACL rule prevents access to. However you(or your AEM admins) will be in control of the ACL Profiles so I recommend that you configure an ACL Profile for the client username supplied to your sm59 destination that supports publishing of all messages you may wish to expose from S4.
-Jamieson