Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice.
In Azure Console -
In Terraform -
References:
https://learn.microsoft.com/en-us/azure/azure-sql/database/firewall-configure?view=azuresql
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sql_firewall_rule