Looking at a geodatabase in Azure SQL database, the PUBLIC server role has permissions on many geodatabase objects, including INSERT and DELETE on some SDE_* tables, and EXECUTE on data modifying stored procedures.
What this means is that any user added to the database has these privileges by default. Is this necessary for the proper functioning of the geodatabase and, if not, which permissions can be removed from the PUBLIC user role?