You can use this workflow to remove VMs and IP sets from multiple security groups. Global and universal security groups are supported.

About this task

This workflow does best effort in maintaining a transactional behavior. In case any update to a security group fails, this workflow reverts to previous security group updates and the workflow fails. However, there are changes that the roll back might fail. In such cases, you should synchronize with the latest security group memberships.

Procedure

  1. Click the Workflows tab and then navigate to Library > NSX > NSX workflows > Remove VMs and IP sets from multiple security groups.
  2. Click the green Start Workflow icon.
  3. Select the NSX Connection object (NSX endpoint). If not set, select the connection from the NSX inventory from the vRO inventory view.
  4. Select the security groups. If not set, select the security group from the NSX inventory from the vRO inventory view.
  5. (Optional) Select the security group IDs as an alternative to security group inventory objects.

    This field is ignored if security group objects are selected from the inventory.

  6. Select the list of VMs.
  7. Select the list of IP sets. If not set, select the IP Sets from the NSX inventory from the vRO inventory view.
  8. (Optional) Select the IPSet IDs as an alternative to IPSet inventory objects.

    This field is ignored if IP set objects are selected.

  9. Click Submit.