Now that there's OAuth support, it's possible to have a notion of identity that's distinct from the account itself. If a cluster is configured via OAuth with it's own identity, it's likely operators will want to use that identity regardless of which storage account a job uses.
So OAuth configs right now (and probably others) are looked up with <config_key>.<account>. I propose that we add a function for looking up these configs that returns an account-specific value if it exists, but in the event it does not will also try to return <config_key>, if that exists.
I can work on a patch for this if nobody has any objections.