Ensure Azure Spring Cloud API Portal Public Access is disabled
Error: Azure Spring Cloud API Portal Public Access is enabled
Bridgecrew Policy ID: BC_AZR_NETWORKING_61
Checkov Check ID: CKV_AZURE_162
Severity: LOW
Description
Disabling the public network access property improves security by ensuring that your Spring Cloud API Portals can be reached only through a private endpoint. With this setting, access from any public address space outside the Azure IP range is disabled, and all logins that match IP or virtual network-based firewall rules are denied.
Fix - Runtime
Fix - Buildtime
Resource: azurerm_spring_cloud_api_portal
Attribute: public_network_access_enabled (default is "false")
resource "azurerm_spring_cloud_api_portal" "pass" {
  name                    = "default"
  spring_cloud_service_id = azurerm_spring_cloud_service.example.id
  gateway_ids             = [azurerm_spring_cloud_gateway.example.id]
  https_only_enabled      = false

  # The attribute this check evaluates: false keeps the portal off the public network.
  public_network_access_enabled = false

  instance_count = 1

  sso {
    client_id     = "test"
    client_secret = "secret" # placeholder value
    issuer_uri    = "https://www.example.com/issueToken"
    scope         = ["read"]
  }
}
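Added example (not from this page and not Checkov's own code): a Python audit that applies the same rule to the JSON form of a Terraform plan, and reports a value that is not yet known at plan time separately instead of passing it. The plan snippet, the resource addresses and the `audit_plan` helper are constructed for illustration.

```python
import json

RESOURCE_TYPE = "azurerm_spring_cloud_api_portal"
ATTRIBUTE = "public_network_access_enabled"

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# trimmed to the fields this audit reads.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "azurerm_spring_cloud_api_portal.pass", "type": "azurerm_spring_cloud_api_portal",
   "change": {"actions": ["create"], "after": {"public_network_access_enabled": false}, "after_unknown": {}}},
  {"address": "azurerm_spring_cloud_api_portal.fail", "type": "azurerm_spring_cloud_api_portal",
   "change": {"actions": ["update"], "after": {"public_network_access_enabled": true}, "after_unknown": {}}},
  {"address": "module.portal.azurerm_spring_cloud_api_portal.computed", "type": "azurerm_spring_cloud_api_portal",
   "change": {"actions": ["create"], "after": {}, "after_unknown": {"public_network_access_enabled": true}}},
  {"address": "azurerm_spring_cloud_api_portal.removed", "type": "azurerm_spring_cloud_api_portal",
   "change": {"actions": ["delete"], "after": null, "after_unknown": {}}},
  {"address": "azurerm_spring_cloud_gateway.example", "type": "azurerm_spring_cloud_gateway",
   "change": {"actions": ["create"], "after": {"public_network_access_enabled": true}, "after_unknown": {}}}
]}
""")

def audit_plan(plan):
    """Map each planned API portal address to PASS, FAIL or UNKNOWN."""
    results = {}
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != RESOURCE_TYPE:
            continue  # other resource types are outside this check
        change = rc.get("change", {})
        after = change.get("after")
        if after is None:
            continue  # resource is being destroyed, nothing left to evaluate
        unknown = change.get("after_unknown") or {}
        if unknown.get(ATTRIBUTE) is True:
            status = "UNKNOWN"  # resolved only at apply time, needs manual review
        elif after.get(ATTRIBUTE) is True:
            status = "FAIL"
        else:
            status = "PASS"  # false, or absent (the page gives the default as false)
        results[rc["address"]] = status
    return results

if __name__ == "__main__":
    for address, status in audit_plan(SAMPLE_PLAN).items():
        print(f"{status:8} {address}")
```
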