RBAC on bots

Access is deny all and allow by exception based on roles, except for admin roles. Addressing NIST AC-17 (access control), NIST configuration managments for NIST CM-2 (base line configurations), access restrictions for NIST CM-5, NIST CM-6, and NIST CM-7 (least functionality), and monitoring NIST CM-9 for bot activity across the development, test, and production environment.