To improve the security of API Management services, restrict connectivity to service configuration endpoints, like direct access management API, Git configuration management endpoint, or self-hosted gateways configuration endpoint.
The following 1 compliance controls are associated with this Policy definition 'API Management should disable public network access to the service configuration endpoints' (df73bd95-24da-4a4f-96b9-4e8b94b402bd)
Secure cloud services by establishing a private access point for the resources. You should also disable or restrict access from public network when possible.
Deploy private endpoints for all Azure resources that support the Private Link feature, to establish a private access point for the resources. You should also disable or restrict public network access to services where feasible.
For certain services, you also have the option to deploy VNet integration for the service where you can restrict the VNET to establish a private access point for the service.
**Implementation and additional context:**
Understand Azure Private Link: