The conflation between "Zero Trust" and "Zero Trust implemented with third-party infrastructure" is unfortunate - I think it's reasonable to feel uncomfortable with a third party being in a hyper-privileged position to effectively assert access to your infrastructure, but that's not inherent to Zero Trust and we shouldn't frame the conversation in such a way that assumes that it is.