You can use this workflow to add virtual machines (VMs) and IP Sets to multiple security groups. A security group is a collection of assets or grouping objects from your vSphere inventory.

About this task

Global and universal security groups are supported. However, for universal security groups, only universal IP Sets can be added as members. Similarly, for global security groups, global scope IP Sets are supported.

This workflow does best effort in maintaining a transactional behavior. In case any update to a security group fails, this workflow reverts previous security group updates and the workflow fails. However, there are chances that the roll back might fail. In such cases, you should sync with the latest security group memberships.

Procedure

  1. Click the Workflows tab and then navigate to Library > NSX > NSX workflows > Add VMs and IP Sets to multiple security groups.
  2. Click the green Start Workflow icon.
  3. Select the NSX Connection object (NSX endpoint). If not set, select the security groups from the NSX inventory from the vRO inventory view.
  4. Select the security groups. If not set, select the connection from the NSX inventory from the vRO inventory view.
  5. (Optional) Select the security group IDs as an alternative to security group inventory objects.

    This field is ignored if security group objects are selected from the inventory.

  6. Select the list of VMs.
  7. Select the list of IP Sets. If not set, select the IP Set objects from the NSX inventory from the vRO inventory view.
  8. (Optional) Select the IP Set IDs as an alternative to IP Set inventory objects.

    This field is ignored if IP Set objects are selected.

  9. Click Submit.