Isolate devices on network?

I’m new to timescale. I have a network of raspberry pi’s in different geographic locations. I would like to limit ssh to 1 or 2 machines on the network at my location to all these pi’s devices. Not allow all the pi’s to connect with each other. How can I accomplish this?

Thanks for the help.

You can limit which devices can see other devices using ACLs. You can find details here: ACLs, ABAC, RBAC, and network security policies - Tailscale