suggestion: remove pods * permissions for vmagent controller

[ebensom]

It seems that the rbac:groups="",resources=pods,verbs=* permission is excessive and not being used by vm-operator.
From K8S security point of view, it is advised to remove this permission if not needed, because a compromised vm-operator pod's SA has permission to create pods and exec into pods in all namespaces.