I think this change is not safe. The group name the method [gets passed in](https://github.com/jclouds/jclouds/blob/master/providers/azurecompute-arm/src/main/java/org/jclouds/azurecompute/arm/compute/AzureComputeService.java#L120) is **not** the name of a security group. It is the name of the *jclouds group* (that "logical" group jclouds configures when calling `computeService.createNodesInGroup`.
That cleanup method is intended just to remove the security groups that are created automatically by jclouds (not directly by the user), when nodes are provisioned without specifying security groups, but using the `templateOptions.inboundPorts`. Those "implicit" securoty groups to open the configured ports are created [here](https://github.com/jclouds/jclouds/blob/master/providers/azurecompute-arm/src/main/java/org/jclouds/azurecompute/arm/compute/strategy/CreateResourcesThenCreateNodes.java#L188-L194). Their name is derived from the "group" configured when creating nodes, and the cleanup method attemps to rebuild that name when deleting all orphaned security groups for that node. It should only attempt to delete those "implicit" security groups, so if there is a failure there, we should handle it differently, making sure we just try to delete those groups. Makes sense? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds/pull/1202#issuecomment-386527745