kiam
Create flag to default role whitelist regex - support drop-in kube2iam replacement
So we have a kube2iam to kiam migration on the backlog, but the requirement to annotate each namespace that we are going to assume-role from is extra work for us to migrate from kube2iam to kiam. I understand why this configuration exists, and why it is the default, but it would be useful to be able to set a default allowed role regex as a flag like kube2iam does to simplify the migration path from one to the other. That way we can get the benefits, and tighten the screws around who can assume what, when, later rather than having to do both upfront.
Thanks!
This! If you also have a larger installation where you have products that use metadata, this is also a blocker. Tagging the namespaces is easy enough, but having the pods default to the node credentials until they can be tightened down would be extremely helpful.