In the event we need to disable an org from accessing any API on ConsoleDot, similar to the allow list [1], we should have a deny list we can update which would deny access.

We may want to make this configurable per service, as well as global. Ideally the config would be updatable as a template param as well (currently the allow list is in a secret).

ToDo:
[] The config will need to be updated in the environments as a dependency this change.
[] Make configurable to be service/path specific.
[] Move config (for allow/deny) into an environment variable/template param.

[1] https://github.com/RedHatInsights/insights-3scale/blob/master/build/docker-assets/src/insights/auth.lua#L242