Hi Shane and welcome to our community!
We have no static addresses for outgoing connections at all on our service, so that won’t be a viable access control method for you on any service to limit to our calls.
We intend you to use something like an HTTP request header in a function (see GitHub - depadiernos/token-hider-inator: A token/key obscuring function for API calls using Netlify functions. for an example), or use the “signed” functionality on our proxy redirects in case you don’t use a function (details here: Rewrites and proxies | Netlify Docs) to ensure authorization.