by grepfru_it 1763 days ago
Because maybe what you described isn’t a violation of terms of service. Do you always start companies without consulting a lawyer?

Sorry for the snark, but this seems like a thinly veiled attempt at a troll.

2 comments

I don't think they are trolling; I have exactly the fear that somehow now my email, IP, all linked credit cards on other accounts, etc, are about to be autobanned by the same broken process that got me to this point.

The biggest concern is the complete lack of transparency in why the account was suspended; was I hacked and I need to protect other things? Was my customer data accessed? I haven't the faintest idea, which is a helpless feeling.

I had planned for outages, disconnects, etc, but literally EVERYTHING is behind the Heroku login; because I never considered anything I was doing remotely bad, I never considered I'd be suddenly unable to log in to every 3rd party backup service, access environment variables, etc.

You are not your end users. I’ve had services terminated because script kiddies attacked me. Literally nothing in my control, it was bad optics for the provider (and their customers). So you must find a way to insulate yourself. Multiple accounts is the way.

Think of it like this: when you are doing your accounting you don’t put everything on a single line item, you separate by customer to understand where your profit and losses are occurring. Same with service accounts.

I'm not trolling. The trouble is that the systems that ban people from cloud platforms are largely automated. And if you trip a wire you have no recourse to talk with a human being, so the actual written lines in the ToS aren't very relevant.

At a certain size, your org should be a resale partner with whatever cloud service it is, so the end customers are getting their own accounts. This varies by size and $$$ spent.

Credit cards should never be linked across accounts thanks to PCI-DSS compliance.

Same IP ban is also not likely unless you are actually doing nefarious things across multiple accounts. I am also making the assumption you are connecting from some business account and not a residential ISP, though that is changing thanks to covid. FWIW, I have worked at many companies where offices of 300-500 proxy outbound traffic to a single IP, that’s why I don’t believe this is a concern.

The ultimate problem is when you have several logical partitions but no billing partition. Also the large marketing firm I worked at had zero phone support with Facebook and Google, yet we did this all day (with a single IP address).

This all boils down to one common thread: you should be taking advice from a lawyer on whether the terms prevent such actions and to have a business continuity plan. If the vendor does something egregious, like shut down all accounts, then your lawyer can ship them a nice letter which will get their attention.

> Credit cards should never be linked across accounts thanks to PCI-DSS compliance

AFAIK, PCI-DSS doesn't prevent you from storing cryptographic hashes of cards. Therefore cards still could be linked with hashes.

> At a certain size (...)

I think this is key.

> Same IP ban is also not likely (...)

Thanks for answering! I had no idea.