I am about to create a small web application which I might deploy to Swisscom PaaS as well.
This should be able to call a Rest API on a remote server.
Remote Server requires all incoming requests to be whitelisted by IP/domain.
Is it enough to whitelist *.scapp.io or myapp.scapp.io when myapp deployed on Swisscom PaaS should be able to access remote API or is it required to use a different domain/IP due to the nature how PaaS is setup and running?
You can find out the source IP of Swisscom Application Cloud Public offering with those commands:
$ cf ssh APP_NAME
$ curl ifconfig.co
194.209.246.112
# example for developer.swisscom.com
This IP doesn't resolve to any domain name. This IP may change / not yet stable. Since the beginning of Application Cloud (more than 3 years the IP didn't change). This is the outgoing IP to whitelist in remote app.
You raised a very good point about stable IP address pool. We consider that and will document the IPs when implemented.