diff --git a/Orchestrator/Workflows/VM Deprovision/README.md b/Orchestrator/Workflows/VM Deprovision/README.md
new file mode 100644
index 0000000..a7f18db
--- /dev/null
+++ b/Orchestrator/Workflows/VM Deprovision/README.md	
@@ -0,0 +1,14 @@
+# VM Deprovision workflow
+Performs cleanup tasks upon deployment deletion (currently just removing the static DNS record).
+
+![Schema](schema.png)
+
+## Inputs/Outputs
+| Name | Type | Direction | Description |
+|:--- |:--- |:---|:---|
+| `inputProperties` | Properties | Input | full request payload from vRA |
+
+## Variables
+| Name | Type | Value | Description |
+|:--- |:--- |:--- |:--- |
+| `dnsHost` | CompositeType(sshHost:string, sshUser:string, sshPass:SecureString, dnsServers:Array/string, supportedDomains:Array/string):dnsHost | `Endpoints: dnsHost` | object which stores endpoint and credential details for DNS operations |
diff --git a/Orchestrator/Workflows/VM Deprovision/Tasks/01_delete_dns_record.js b/Orchestrator/Workflows/VM Deprovision/Tasks/01_delete_dns_record.js
new file mode 100644
index 0000000..35f3103
--- /dev/null
+++ b/Orchestrator/Workflows/VM Deprovision/Tasks/01_delete_dns_record.js	
@@ -0,0 +1,32 @@
+/*  JavaScript: delete dns record
+    Deletes records in Microsoft DNS by way of an SSH bastion host upon deployment deletion.
+    Inputs: inputProperties (Properties), dnsHost (CompositeType(sshHost:string,sshUser:string,sshPass:SecureString,dnsServers:Array/string,supportedDomains:Array/string):dnsHost)
+    Outputs: none
+*/
+var hostname = inputProperties.resourceNames[0];
+var dnsDomain = inputProperties.customProperties.domain;
+var deleted = false;
+if (dnsHost_supportedDomains.indexOf(dnsDomain) >= 0) {
+    System.log("Attempting to remove DNS record for " + hostname + "...");
+    var sshSession = new SSHSession(dnsHost_sshHost, dnsHost_sshUser);
+    System.debug("Connecting to " + dnsHost_sshHost + "...");
+    sshSession.connectWithPassword(dnsHost_sshPass);
+    for each (var dnsServer in dnsHost_dnsServers) {
+        if (deleted == false) {
+            System.debug("Using DNS Server " + dnsServer + "...");
+            var sshCommand = 'Remove-DnsServerResourceRecord -ComputerName ' + dnsServer + ' -Name ' + hostname + ' -ZoneName ' + dnsDomain + ' -RRType A -Force';
+            System.debug("sshCommand: " + sshCommand);
+            sshSession.executeCommand(sshCommand, true);
+            if (sshSession.exitCode == 0) {
+                System.log("Successfully deleted DNS record.");
+                deleted = true;
+            }
+        }
+    }
+    sshSession.disconnect();
+    if (deleted == false) {
+        System.warn("Error! Unable to delete DNS record.");
+    }
+} else {
+    System.log("No need to remove DNS records.");
+}
\ No newline at end of file
diff --git a/Orchestrator/Workflows/VM Deprovision/schema.png b/Orchestrator/Workflows/VM Deprovision/schema.png
new file mode 100644
index 0000000..daa58b1
Binary files /dev/null and b/Orchestrator/Workflows/VM Deprovision/schema.png differ