Managing multiple GCP configurations with full isolation
gcloud config configurations works fine if you’re switching between regions or clusters in the same project. It breaks down the moment you’re working across different projects, identities, or service accounts — because application_default_credentials.json is global, not per-configuration. The actual problem Two separate things need authenticating: gcloud CLI commands (via gcloud auth login) and third-party tools like Terraform (via gcloud auth application-default login). The second command writes credentials to ~/.config/gcloud/application_default_credentials.json, and that file is shared across all named configurations. ...