Azure Reference Architecture - Security Groups expose backend services publically
During an Security audit I noticed that the Terraform for gitlab_azure_instance exposes all services publicly including backend services. The Security group or Groups should only expose at secure ingress points.