Made a quick video on the difference between Allow Azure Services and Allow Trusted Azure Services.
If you don't feel like watching the video, the gist of it is Allow Azure Services let's literally any Azure owned IP address to get through the firewall. Allow Trusted Azure Services only let's authenticated, usually with a Managed Identity, services through the firewall. For more details, check out the video!