Allow additive IAM grants by robots name

Regreatablly member name will be known after apply, hence changes in the
tests

tests/modules/project/examples/iam-additive-members.yaml

@@ -17,17 +17,14 @@ values:
     project_id: project-example
   module.project.google_project_iam_member.additive["roles/editor-user:two@example.org"]:
     condition: []
-    member: user:two@example.org
     project: project-example
     role: roles/editor
   module.project.google_project_iam_member.additive["roles/owner-user:one@example.org"]:
     condition: []
-    member: user:one@example.org
     project: project-example
     role: roles/owner
   module.project.google_project_iam_member.additive["roles/owner-user:two@example.org"]:
     condition: []
-    member: user:two@example.org
     project: project-example
     role: roles/owner
 

tests/modules/project/examples/iam-additive.yaml

@@ -16,22 +16,18 @@ values:
   module.project.google_project.project[0]: {}
   module.project.google_project_iam_member.additive["roles/owner-group:three@example.org"]:
     condition: []
-    member: group:three@example.org
     project: project-example
     role: roles/owner
   module.project.google_project_iam_member.additive["roles/storage.objectAdmin-group:two@example.org"]:
     condition: []
-    member: group:two@example.org
     project: project-example
     role: roles/storage.objectAdmin
   module.project.google_project_iam_member.additive["roles/viewer-group:one@example.org"]:
     condition: []
-    member: group:one@example.org
     project: project-example
     role: roles/viewer
   module.project.google_project_iam_member.additive["roles/viewer-group:two@xample.org"]:
     condition: []
-    member: group:two@xample.org
     project: project-example
     role: roles/viewer