In C# how to get the VMSS instance private IP

Question

In C# how to get the VMSS instance private IP

pipi 25

In C# how can i get the Private IP address from the network interface of VMSS instance?

Resource ID: /subscriptions/<subscriptionid>/resourceGroups/<resourcegroup>/providers/Microsoft.Compute/virtualMachineScaleSets/<vmss>/virtualMachines/<instanceid>/networkInterfaces/

Moved from: Community Center | Not monitored

1 answer

Your answer

Answer 1

Ankit Yadav 6,425 Microsoft External Staff Moderator

Hey @pipi ,

It seems you're trying to retrieve the private IP address of a specific instance within a Virtual Machine Scale Set (VMSS) using C#. Given your resource ID structure, here’s how you can achieve this:

Steps to Get Private IP Address in C#

Retrieve the Network Interface: You should start by obtaining the network interface associated with the VMSS instance. You can use the Azure SDK for .NET, specifically the VirtualMachineScaleSetVMs API to get the instance details.
Get IP Configurations: After you have the network interface details, you can access the IP configurations, which will include the private IP address.

Here’s some example C# code demonstrating this:

using Microsoft.Azure.Management.Fluent;
using Microsoft.Azure.Management.Fluent.Models;

// Initialize Azure credentials and the management client

var azure = Azure.Configure()
    .Authenticate(/* your credentials */)
    .WithDefaultSubscription();

// Specify your resource group, VMSS name, and instance ID

string resourceGroupName = "<resourcegroup>";
string vmssName = "<vmss>";
int instanceId = <instanceid>; // instance ID as an integer
// Get the VMSS instance

var vmssInstance = azure.VirtualMachineScaleSets
    .GetByResourceGroup(resourceGroupName, vmssName)
    .GetVirtualMachines()
    .GetById(instanceId);

// Get the network interfaces

var networkInterfaces = vmssInstance.NetworkProfile.NetworkInterfaces;
// Loop through network interfaces to find the private IP

foreach (var nic in networkInterfaces)
{
    var ipConfigList = nic.IpConfigurations;
    foreach (var ipConfig in ipConfigList)
    {
        var privateIpAddress = ipConfig.PrivateIPAddress;
        // Output private IP Address
        Console.WriteLine($"Private IP Address: {privateIpAddress}");
    }
}

Troubleshooting

If you're not getting the expected results using VirtualMachineScaleSetNetworkResource, ensure that:

You have the right permissions to access the network interface and its configurations.
You're referencing the correct instance ID and network interface configuration.

Additional Resources

If you're still encountering issues, let me know, and we can explore the options

pipi 25 Reputation points

2025-12-02T07:57:34.5933333+00:00

hi Ankit,

Thank you very much for your prompt response. I have try using your code, however Microsoft.Azure.Management.Fluent seem is deprecated and not suggested to use. We are actually will use Azure Function and write the code in C#. We will use DefaultAzureCredential() credential for Azure Function to get the private IP of VMSS instance (we have assigned the permission).

Would you able to provide the solution by using latest SDK of Azure?
eg. Azure.ResourceManager, Azure.Identity

Ankit Yadav 6,425 Microsoft External Staff Moderator

Hello pipi,

I've generated this code using internal tool, can you try below code if it helps to work for you.


using System;

using System.Linq;

using System.Threading.Tasks;

using Azure;

using Azure.Identity;

using Azure.ResourceManager;

using Azure.ResourceManager.Compute;

using Azure.ResourceManager.Network;

public class VmssNetworkingHelper

{

    /// <summary>

    /// Returns the private IP address of a VMSS instance.

    /// Prefers the primary NIC and primary IP configuration if present.

    /// </summary>

    public async Task<string> GetVmssInstancePrivateIpAsync(

        string subscriptionId,

        string resourceGroupName,

        string vmssName,

        string instanceId)

    {

        // DefaultAzureCredential works well in Azure Functions, supports Managed Identity & environment vars.

        var credential = new DefaultAzureCredential();

        var armClient = new ArmClient(credential, subscriptionId);

        try

        {

            // Resolve the VMSS resource

            var vmssId = VirtualMachineScaleSetResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, vmssName);

            var vmss = armClient.GetVirtualMachineScaleSetResource(vmssId);

            // Get the specific VMSS VM resource (instance)

            var vmssVmResource = vmss.GetVirtualMachineScaleSetVmResource(instanceId);

            var vmssVmResponse = await vmssVmResource.GetAsync();

            var vmssVm = vmssVmResponse.Value;

            // Defensive checks

            if (vmssVm?.Data?.NetworkProfile?.NetworkInterfaces == null || vmssVm.Data.NetworkProfile.NetworkInterfaces.Count == 0)

                throw new InvalidOperationException("The VMSS VM has no network interfaces attached.");

            // Prefer the primary NIC if available; otherwise use the first one

            var nicRefs = vmssVm.Data.NetworkProfile.NetworkInterfaces;

            var primaryNicRef = nicRefs.FirstOrDefault(n => n.Primary == true) ?? nicRefs.First();

            if (string.IsNullOrWhiteSpace(primaryNicRef.Id))

                throw new InvalidOperationException("The NIC reference does not contain a valid resource ID.");

            // Parse the NIC resource ID to extract the NIC name

            var nicResourceId = new ResourceIdentifier(primaryNicRef.Id);

            var nicName = nicResourceId.Name;

            if (string.IsNullOrWhiteSpace(nicName))

                throw new InvalidOperationException("Unable to parse NIC name from NIC resource ID.");

            // Get the NIC resource

            var nicId = NetworkInterfaceResource.CreateResourceIdentifier(subscriptionId, resourceGroupName, nicName);

            var nicResource = armClient.GetNetworkInterfaceResource(nicId);

            var nicResponse = await nicResource.GetAsync();

            var nic = nicResponse.Value;

            if (nic?.Data?.IPConfigurations == null || nic.Data.IPConfigurations.Count == 0)

                throw new InvalidOperationException("The NIC has no IP configurations.");

            // Prefer the primary IP configuration; otherwise use the first with a private IP

            var primaryIpConfig = nic.Data.IPConfigurations.FirstOrDefault(ipc => ipc.Primary == true)

                                  ?? nic.Data.IPConfigurations.FirstOrDefault(ipc => !string.IsNullOrEmpty(ipc.PrivateIPAddress));

            if (primaryIpConfig == null)

                throw new InvalidOperationException("No IP configuration with a private IP address was found.");

            if (string.IsNullOrEmpty(primaryIpConfig.PrivateIPAddress))

            {

                // Fallback: search all IP configs for any private IP

                var anyPrivateIp = nic.Data.IPConfigurations

                    .Select(ipc => ipc.PrivateIPAddress)

                    .FirstOrDefault(ip => !string.IsNullOrEmpty(ip));

                if (string.IsNullOrEmpty(anyPrivateIp))

                    throw new InvalidOperationException("No private IP address found on any NIC IP configuration.");

                return anyPrivateIp;

            }

            return primaryIpConfig.PrivateIPAddress;

        }

        catch (Exception ex)

        {

            // Wrap with context; preserve the original exception for diagnostics

            throw new Exception(

                $"Error retrieving private IP for VMSS '{vmssName}', instance '{instanceId}' in RG '{resourceGroupName}': {ex.Message}",

                ex);

        }

    }

}

Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
pipi 25 Reputation points

2025-12-03T03:01:12.0166667+00:00

hi Ankit,

Thank you for the source code. I have tried the code but with the following error:

Content: {"error":{"code":"ResourceNotFound","message":"The Resource 'Microsoft.Network/networkInterfaces/<vmssnetworkinterfacename>' under resource group '<resourcegroupname>' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix"}}

Is is very strange, if i go to Azure Portal > Subscription > Resources, the VMSS instance network interface also could not be found.

It can only be found under Network Security Group > Network Interfaces of basicNsgstg-<vmssname>-nic.

Do you have any idea?
pipi 25 Reputation points

2025-12-08T00:42:02.8833333+00:00

hi Ankit,

Wondering do you have any idea of i cannot get the nic of vmss instances via code?

Thank you.

Ankit Yadav 6,425 Microsoft External Staff Moderator

Hey @pipi ,
In VMSS, network interfaces are internal resources managed by the VMSS resource and are not directly visible in the resource list thus you got the resourceNotFound error. I'm sharing 2 codes generated, can you try both of them and let me know which one works out for you.

1st code, has the ideal way to gather details, ie list out VMSS and it's resources and then get it.

2nd code has the way to list out all NICs in the resource group and then find out the nic based on the VM/VMSS name and share extract the details. Let me know which one works out for you.

using Azure.Identity;
using Azure.ResourceManager;
using Azure.ResourceManager.Compute;
using Azure.ResourceManager.Network;
using System;
using System.Linq;

public async Task<string> GetVmssInstancePrivateIpAsync(
   string subscriptionId,
   string resourceGroupName,
   string vmssName,
   string instanceId)
{
   var credential = new DefaultAzureCredential();
   var armClient = new ArmClient(credential, subscriptionId);

   try
   {
      // Get the VMSS instance
      var vmssResourceId = VirtualMachineScaleSetResource.CreateResourceIdentifier(
          subscriptionId,
          resourceGroupName,
          vmssName);

      var vmss = armClient.GetVirtualMachineScaleSetResource(vmssResourceId);
      var vmInstance = await vmss.GetVirtualMachineScaleSetVmAsync(instanceId);
      var vmInstanceResource = vmInstance.Value;

      // Get the network profile and primary network interface
      var networkProfile = vmInstanceResource.Data.NetworkProfile;

      if (networkProfile?.NetworkInterfaces?.Count == 0)
      {
         throw new Exception("No network interfaces found for this VM instance.");
      }

      // Find the primary network interface (or take the first one)
      var primaryNicReference = networkProfile.NetworkInterfaces
          .FirstOrDefault(nic => nic.Primary == true) ??
          networkProfile.NetworkInterfaces.First();

      // Extract the NIC name from the resource ID
      // The resource ID format is: /subscriptions/{subId}/resourceGroups/{rg}/providers/Microsoft.Network/networkInterfaces/{nicName}
      var nicResourceId = primaryNicReference.Id;
      var nicName = nicResourceId.Name;

      // Get the network interface resource
      var nicResource = armClient.GetNetworkInterfaceResource(nicResourceId);
      var networkInterface = await nicResource.GetAsync();

      // Get the primary private IP address
      var primaryIpConfig = networkInterface.Value.Data.IPConfigurations
          .FirstOrDefault(ip => ip.Primary == true) ??
          networkInterface.Value.Data.IPConfigurations.FirstOrDefault();

      if (primaryIpConfig == null || string.IsNullOrEmpty(primaryIpConfig.PrivateIPAddress))
      {
         throw new Exception("No private IP address found for the network interface.");
      }

      return primaryIpConfig.PrivateIPAddress;
   }
   catch (Exception ex)
   {
      // Enhanced error handling
      throw new Exception($"Error retrieving private IP: {ex.Message}. " +
                          $"Make sure the VMSS instance '{instanceId}' exists and is running, " +
                          $"and that your managed identity has 'Network Contributor' or 'Reader' " +
                          $"permissions on the resource group '{resourceGroupName}'.", ex);
   }
}

If above code throws error then only try below code:

public async Task<string> GetVmssInstancePrivateIpAlternativeAsync(
   string subscriptionId,
   string resourceGroupName,
   string vmssName,
   string instanceId)
{
   var credential = new DefaultAzureCredential();
   var armClient = new ArmClient(credential, subscriptionId);

   // VMSS network interfaces follow a pattern: {vmssName}nic{instanceIndex}
   // For example: "myvmssnic001", "myvmssnic002", etc.
   string expectedNicName = $"{vmssName}nic{instanceId.PadLeft(3, '0')}";

   try
   {
      // Get the resource group
      var subscription = await armClient.GetDefaultSubscriptionAsync();
      var resourceGroup = await subscription.GetResourceGroupAsync(resourceGroupName);

      // Get all network interfaces in the resource group
      var networkInterfaces = await resourceGroup.Value.GetNetworkInterfaces()
          .GetAllAsync()
          .ToEnumerableAsync();

      // Find the NIC for this VMSS instance
      var targetNic = networkInterfaces.FirstOrDefault(nic =>
         nic.Data.Name.StartsWith($"{vmssName}nic", StringComparison.OrdinalIgnoreCase) &&
         nic.Data.VirtualMachine?.Id.EndsWith($"/virtualMachines/{instanceId}") == true);

      if (targetNic == null)
      {
         // Try alternative naming pattern
         targetNic = networkInterfaces.FirstOrDefault(nic =>
             nic.Data.Name.Contains(instanceId) &&
             nic.Data.Name.Contains(vmssName, StringComparison.OrdinalIgnoreCase));
      }

      if (targetNic == null)
      {
         throw new Exception($"Network interface for VMSS instance '{instanceId}' not found. " +
                             $"Looked for patterns: '{vmssName}nic*' containing instance ID '{instanceId}'");
      }

      // Get the primary private IP
      var primaryIpConfig = targetNic.Data.IPConfigurations
          .FirstOrDefault(ip => ip.Primary == true) ??
          targetNic.Data.IPConfigurations.FirstOrDefault();

      return primaryIpConfig?.PrivateIPAddress ??
          throw new Exception("No private IP address found on the network interface.");
   }
   catch (Exception ex)
   {
      throw new Exception($"Failed to get private IP: {ex.Message}", ex);
   }
}

Share via

In C# how to get the VMSS instance private IP

1 answer

Steps to Get Private IP Address in C#

Troubleshooting

Additional Resources

Your answer