Keeping HTTP endpoints enabled may leave application vulnerable to MiTM and other attacks.
Certain endpoint settings cannot be updated in the Azure Console, so to disable HTTP, a new endpoint will need to be created. Be sure to stop and/or delete the existing endpoint.
In Azure Console -
In Terraform -
References:
https://learn.microsoft.com/en-us/azure/cdn/cdn-create-a-storage-account-with-cdn
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/cdn_endpoint