Opening up ports to the public internet is generally to be avoided. You should restrict access to IP addresses or ranges that explicitly require it where possible.
Exposure of infrastructure to the public internet
Employ more restrictive firewall rules
The following example will fail the openstack-fw-no-public-access check.
The following example will pass the openstack-fw-no-public-access check.