I have a webhook-receiving application behind a private firewall (not in GCP, AWS, Azure, etc.) and am trying to maintain least privilege access principles by limiting access to only Particle Cloud egress/source IP addresses.
I found the list of ingress (destination) IP addresses for Particle Cloud that devices will connect to (Device --> Particle Cloud), but this is not the piece of the puzzle I need.
I need the source (egress) IP addresses that Particle Cloud uses to call my webhook (Particle Cloud --> webhook/integration).
Even if my webhook-receiving application were hosted in a cloud provider (GCP, etc.), I would still want to follow least privilege access principles and limit access to an allow list in a WAF, as there is no need for the entire Internet to access this application.
At the moment I am having to monitor my firewall logs and try to correlate failure counts in the Integrations page along with how frequently my Boron LTE device publishes an event to Particle Cloud to deduce if a source IP is likely genuinely from Particle Cloud or one of the many random IPs constantly trying to scan my endpoint.
I would love to see a list similar to the JSON file already published in the documentation link above for this. For science, I did try using that list of ingress IP addresses in my firewall, in case the Particle Cloud platform performed both ingress/egress message processing using the same IPs. No dice. The egress IPs from Particle Cloud are, so far, not on that ingress IP list.
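One way to automate the correlation described in the post (firewall hits vs. the device's publish cadence) is sketched below; this is an added example, not code from the original post or from Particle. It assumes a constructed single-line firewall log format and a constructed list of publish timestamps; a real deployment would read both from the firewall and the Particle console or event stream.

```python
"""Rank firewall source IPs by how well their hits line up with known
Particle event publish times, to shortlist candidate Particle Cloud egress
IPs for a WAF allow list. Example code; log format and data are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed firewall log lines: "<UTC timestamp> <source_ip> -> <dst_port>".
# 203.0.113.10 hits right after every publish; the others are background noise.
FIREWALL_LOG = """\
2024-05-01T10:00:01Z 203.0.113.10 -> 443
2024-05-01T10:00:02Z 198.51.100.7 -> 443
2024-05-01T10:05:01Z 203.0.113.10 -> 443
2024-05-01T10:07:30Z 192.0.2.44 -> 443
2024-05-01T10:10:02Z 203.0.113.10 -> 443
2024-05-01T10:15:01Z 203.0.113.11 -> 443
2024-05-01T10:15:01Z 203.0.113.10 -> 443
"""

# Constructed publish times of the Boron's events (every 5 minutes here).
PUBLISH_TIMES = [datetime(2024, 5, 1, 10, m, 0) for m in (0, 5, 10, 15)]


def parse_log(text):
    """Yield (timestamp, source_ip) pairs from the constructed log format."""
    for line in text.splitlines():
        ts, ip, _arrow, _port = line.split()
        yield datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), ip


def correlate(log_text, publish_times, window=timedelta(seconds=5)):
    """Return {ip: (hits_within_window_of_a_publish, total_hits)}."""
    stats = defaultdict(lambda: [0, 0])
    for ts, ip in parse_log(log_text):
        stats[ip][1] += 1
        if any(abs(ts - p) <= window for p in publish_times):
            stats[ip][0] += 1
    return {ip: tuple(v) for ip, v in stats.items()}


def candidates(stats, publish_count, min_ratio=0.75):
    """Shortlist IPs whose hits are mostly publish-aligned AND that account
    for most publishes; a lone scanner that happens to land near one publish
    (198.51.100.7, 203.0.113.11) fails the coverage test and is dropped."""
    return sorted(ip for ip, (matched, total) in stats.items()
                  if total and matched / total >= min_ratio
                  and matched / publish_count >= min_ratio)


if __name__ == "__main__":
    stats = correlate(FIREWALL_LOG, PUBLISH_TIMES)
    print(stats)
    print("candidates:", candidates(stats, len(PUBLISH_TIMES)))
```

Candidates still need confirming against the Integrations page (a failure count that drops to zero once the IP is allowed is the sanity check) before they go into the allow list.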