Missing IAM Capability for Cloud Workstations

[mcinquin]

Checklist

• I did not find a related open enhancement request.
• I understand that enhancement requests filed in the GitHub repository are by default low priority.
• If this request is time-sensitive, I have submitted a corresponding issue with GCP support.

Describe the feature or resource

Cloud Workstations allows setting IAM policies on the Workstation and WorkstationConfig resources so that customer can grant individual developers access to individual Workstations.

Workstations and WorkstationConfigs are existing CC resources:
https://cloud.google.com/config-connector/docs/reference/resource-docs/workstations/workstationconfig
https://cloud.google.com/config-connector/docs/reference/resource-docs/workstations/workstation

But we can't references them in IAM policies yet:
https://cloud.google.com/config-connector/docs/reference/resource-docs/iam/iampolicymember#supported_resources

This means we can't yet use Config Connector fully for Cloud Workstations, since the intended workflow is to create a workstation and assign a specific user permissions to use it.

Additional information

No response

Importance

This lack prevents us from using config-connector in our future architecture.