Skip to content

All Non-Api Management Azure Resources Will Have Private Endpoints

  • Status: Accepted
  • Deciders: brishe
  • Date: 2025-04-10

Context and Problem Statement

By default resources in Azure are publicly available which may open security threat vectors. There are no use cases for any resources being public, with the exception of API Management. API management has use cases where vendor's need access to SAIF endpoints and SAIF has application resources stored off premises that are not on the SAIF network.

Considered Options

  • Leave defaults which make all created resources public
  • Connect resources to a VNET, which will make them private

Decision Outcome

Chosen option: "Connect resources to a VNET, which will make them private", because There are no current use cases for non-API Management resources to be publicly available.