How can I obtain the IP address range that accesses the encryption keys stored in my LKM service?

To obtain the IP address range that Genesys Cloud uses to access the encryption keys stored in your Local Key Management (LKM) service, you can make a request to the following Genesys Cloud Public API endpoint: Get public IP address ranges for Genesys Cloud.

You can improve the security posture in your LKM service by setting up an allowlist based on the IP addresses obtained as an API access criteria.

The request returns a list of IP ranges for various services. To set up an allowlist for LKM service, use the IP range that is marked as “encryption”.

{
  "entities": [
    {
      "cidr": "52.40.250.127/32",
      "service": "imap",
      "region": "us-west-2",
      "direction": "outbound"
    },
    {
      "cidr": "52.40.250.127/32",
      "service": "encryption",
      "region": "us-west-2",
      "direction": "outbound"
    },
    {
      "cidr": "52.24.229.164/32",
      "service": "encryption",
      "region": "us-west-2",
      "direction": "outbound"
    },
    {
      "cidr": "44.253.232.232/32",
      "service": "data-actions",
      "region": "us-west-2",
      "direction": "outbound"
    },
    {
      "cidr": "44.253.232.232/32",
      "service": "smtp",
      "region": "us-west-2",
      "direction": "outbound"
    },
    {
      "cidr": "44.253.232.232/32",
      "service": "imap",
      "region": "us-west-2",
      "direction": "outbound"
    },
    ...
  ]
}