Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice.
There are several prerequisites for using private endpoints in Azure Healthcare Services. To learn more, and to find step by step instructions on how to prepare for private endpoints, see the Azure documentation (below). Once it is configured, public access can be disabled for attached services.
In Terraform -
References:
https://learn.microsoft.com/en-us/azure/healthcare-apis/healthcare-apis-configure-private-link?WT.mc_id=Portal-Microsoft_Healthcare_APIs
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/healthcare_service