[GCP][Azure] Can create resource in different project/resource group than invDeployment

[smcclure20]

You can produce this behavior with two different GCP projects. If you set your invDeployment and PARAGLIDER_GCP_PROJECT environment variable to "projects/project-1" and then use the Paraglider controller to create a VM in another project by specifying the project field in the VM description as some other project (e.g., "project-2"), the VM will be created in project-2, but all address space decisions (made by the front end controller) will be made based on the VPCs in project-1.

To fix, we should either: (1) Replace the project field in the VM description in the frontend with invDeployment (2) Throw an error when the project field does not match invDeployment

[seankimkdy]

Turns out this also applies for Azure at the level of resource groups, since resource groups are passed per request.

[divega]

Triage: Sarah to follow up and close.