Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice. For a service such as Azure Key Vault, disallowing this access also helps protect the services that utilize keys, secrets, and certificates. In addition, this can help a company adhere to compliance and regulatory requirements.
In Azure Console -
In Terraform -
References:
https://learn.microsoft.com/en-us/azure/key-vault/general/overview
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/key_vault