This is very true and a risk with any cloud service. Ie if you make a app and want redundancy, the code is exposed not only by your own security defects, former employees etc, and each cloud provider you host on such as AWS, GCP, Azure, DigitalOcean etc. I think in practice the largest mitigation is the legal system, as its safe to assume your code already exists places you don't want it to.
