An egress security policy is a set of rules defining how network traffic is treated within a domain. Egress Security Policies control traffic flowing out of the network.


  • name (Mandatory): The name of the entity
  • last_updated_by: ID of the user who last updated the object.
  • active: If enabled, it means that this ACL or QOS entry is active
  • default_allow_ip: If enabled, a default ACL of Allow All is added as the last entry in the list of ACL entries
  • default_allow_non_ip: If enabled, non-IP traffic will be dropped
  • default_install_acl_implicit_rules: If enabled, an implicit rule will allow intra-domain traffic by default
  • description: A description of the entity
  • entity_scope: Specify if scope of entity is Data center or Enterprise level
  • policy_state: None
  • priority: The priority of the ACL entry that determines the order of entries
  • priority_type: Possible values: TOP, BOTTOM, TOP_FIREWALL, BOTTOM_FIREWALL, MIDDLE_FIREWALL or NONE. TOP and BOTTOM ACL policies can only be defined and managed on the template level; NONE can be used on both the template and instantiated level. TOP_FIREWALL, BOTTOM_FIREWALL and MIDDLE_FIREWALL are used to represent ACLs derived from Virtual Firewall Policies. These allow for careful control of ACL priority handling.
  • associated_live_entity_id: In the draft mode, the ACL entry refers to this LiveEntity. In non-drafted mode, this is null.
  • associated_virtual_firewall_policy_id: The ID of the Virtual Firewall Policy, if this was created as part of the Virtual Firewall Policy creation
  • auto_generate_priority: This option affects how ACL entry priorities are generated when not specified. If ‘false’, the priority is generated by incrementing the current highest priority by 100. If ‘true’, a random priority will be generated, which is advised when creating many entries concurrently without specifying the priority. This will cause the ACL entry to be randomly placed in the existing list of ACL entries. Therefore it is advised to only enable this when allow rules are being created.
  • external_id: External object ID. Used for integration with third party systems
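
As an added example (not part of the original page or of the library it documents), the following Python audits a template's settings against the attribute descriptions above and computes the priority the page describes for auto_generate_priority set to false. The attribute names come from the list; the dict layout, the entries' `action` field with `FORWARD`/`DROP` values, and the sample data are assumptions.

```python
# Added example. Attribute names are taken from the attribute list above;
# the dict layout, the "action" field and its values are assumptions.

def next_priority(priorities):
    """Priority given to a new entry when auto_generate_priority is false:
    the current highest priority incremented by 100 (needs >= 1 entry)."""
    return max(priorities) + 100


def audit_template(tpl, entries):
    """Return (code, message) findings for one egress ACL template."""
    findings = []
    if not tpl.get("active"):
        findings.append(("INACTIVE", "active is not enabled"))
    if tpl.get("default_allow_ip"):
        # A trailing Allow All turns the entries above it into a deny-list.
        findings.append(("DEFAULT_ALLOW_IP",
                         "Allow All is added as the last ACL entry"))
    if tpl.get("default_install_acl_implicit_rules"):
        findings.append(("IMPLICIT_INTRA_DOMAIN",
                         "implicit rule allows intra-domain traffic"))
    non_allow = [e for e in entries if e["action"] != "FORWARD"]
    if tpl.get("auto_generate_priority") and non_allow:
        # Random placement is only advised when creating allow rules.
        findings.append(("RANDOM_PRIORITY_NON_ALLOW",
                         f"{len(non_allow)} non-allow entries with random priority"))
    return findings


# Constructed sample data, not taken from a real deployment.
SAMPLE_TEMPLATE = {
    "name": "egress-web", "active": True, "default_allow_ip": True,
    "default_allow_non_ip": False, "default_install_acl_implicit_rules": True,
    "auto_generate_priority": True, "priority_type": "NONE",
}
SAMPLE_ENTRIES = [
    {"priority": 100, "action": "FORWARD"},
    {"priority": 200, "action": "DROP"},
]

if __name__ == "__main__":
    for code, message in audit_template(SAMPLE_TEMPLATE, SAMPLE_ENTRIES):
        print(f"{SAMPLE_TEMPLATE['name']}: {code}: {message}")
    print("next priority:", next_priority([e["priority"] for e in SAMPLE_ENTRIES]))
```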


class                                               fetcher
numetadata.NUMetadata                               metadatas
nuegressaclentrytemplate.NUEgressACLEntryTemplate   egress_acl_entry_templates
nuglobalmetadata.NUGlobalMetadata                   global_metadatas
nuvm.NUVM                                           vms
nujob.NUJob                                         jobs
nucontainer.NUContainer                             containers
nueventlog.NUEventLog                               event_logs