Right, and we will be ditching our Google Cloud account this time, but as explained in the post this will come at either a security or a usability cost for our customers, which is why I did not ditch after the first suspension.
I can understand you not ditching after the first suspension but the second suspension should have been the point where you took the choice.
First time is a fluke, second time is a serious wake-up call, third time it's your fault.
Do you really want to reach the point where all your customers have an outage, you have to rush implementing something else (oidc or api keys) AND rush your customers to change your settings?
Second and third suspensions are a week apart. Wouldn’t be enough time to shift customers to a new auth format, specially when most of the burden is on them.
Those are negligible compared to a 100% availability / uptime cost to your business incurred from being a serf to a feudal tyrant with no name or face that enjoys abusing you.
Using GCP, AWS, or Azure is like volunteering to use your own money to rent heavy construction equipment to construct your own jail cell and excavate your own grave.
But hey, at least you get to avoid the capex on the heavy construction equipment, and it's always¹ available!
¹ except for when human error takes it offline for 14 hours straight
You're not just dealing with a massive bureaucracy, you're dealing with a massive automated bureaucracy whose rules aren't explicit, whose algorithms are buggy, and which can destroy your business on a whim with no recourse, without even noticing.
