hey @MitchellK
Any chance you can use DNS validation instead? Serveral of the clients support major DNS providers which is a more workable solution
Also you should be whitelisting traffic not ports - if someone tries to SSH on port 80 you are actually not more secure etc. Depending on the firewall it might support traffic based rules (which is pretty much the de-factor in the industry now)
Also a reality of working with cloud services is that often they won’t or don’t publish static IPs as they want the ability to move their workloads around and the flexibility to use other providers (AWS vs AZURE etc in the future).
Andrei