In our verified bot request, we provide a URL containing the IP list of our service to Cloudflare. However, these IP details are sensitive and should not be publicly accessible. Does Cloudflare offer any solution or mechanism to enforce an access policy that ensures this information is only shared with Cloudflare?
You can use Cloudflare Access to control who can access your application with the IP list. Access policies contain rules that specify what is allowed or denied based on criteria such as email, IP range, and identity provider.
Thanks for your response,
Now, we have deployed a site on AWS which is providing IP list URL to Cloudflare for Verified Bot application. Because of security consideration, we need limit the access to only Cloudflare by aws policy. Is there any suggestion for us, ex can we get the Cloudlare Outbound IPs that is added and allowed in aws policy.