Update Doco - config-validator workload identity

[pdutch]

Would be good to update the doco here: https://hub.helm.sh/charts/forseti-security/forseti-security

Under prerequisites, to add:

5. If using a bucket to sync config validator policy, then a GCP project IAM policy binding tying the Kubernetes Service account for the config-validator (created by this chart) to the GCP IAM Forseti client service account. This binding is created via the Terraform module or can be created manually.

[kevensen]

@pdutch Thanks for the recommendation. Please see #59