Allow for RBAC status report consumption by external services over HTTP.

Endpoints:

/status - triggers all RBAC risk rules check and returns a report

Filtering to select specific severity items as an option, eg:

/status?severity={high|medium|low} - to return RBAC report items filtered by severity. Unfiltered results are returned by default if no severity filter specified. Results returned in format specified by the content-type header (JSON by default). YAML also supported.

/status/{risk-rule-id} - tigger ad-hoc test of specific risk rule id. Return check response in format specified by content-type header (JSON by default).