Trimmed down permission for dashboard service account

[EPinci]

What this PR does / why we need it:

This PR trims down the dashboard service account to the minimum possible per https://github.com/kubernetes/dashboard/wiki/Access-control#default-dashboard-privileges .
Current permission allow users to skip dashboard authentication and inherit cluster-admin priviledges nullifying the login process and RBAC resulting in an unsecure cluster.
With the proposed configuration, skipping login results in no permissions.
For development clusters, users can still reinstate previous permission manually granting cluster-admin permission to the dashboard service account.

Which issue this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close that issue when PR gets merged): fixes #2425

Special notes for your reviewer:

If applicable:

• documentation
• unit tests
• tested backward compatibility (ie. deploy with previous version, upgrade with this branch)

Release note:

Security: skipping kubernetes dashboard's login now effectively results in no permissions.
Logged in user will receive permission per RBAC profile.

[msftclas]

All CLA requirements met.

[jackfrancis]

lgtm

[mpalumbo7]

@EPinci it looks like these changes were not rolled into the v1.10 version!

https://github.com/Azure/acs-engine/blob/master/parts/k8s/addons/kubernetesmasteraddons-kubernetes-dashboard-deployment.yaml

[jackfrancis]

@ewok2030 Thanks! fixed here: #2816