Add policy statement to s3VPCE to allow pulling from docker hub

[chrisdotn]

What does this PR do?

This PR opens the s3VPCE for docker pull commands, which fails otherwise.

docker-compose pulls the client images from docker hub. The s3VPC needs to allow those actions. Otherwise the pulls fail with HTTP 403 and the images don't get pulled. Adding the policy statement to the VPCE fixes this and allows pulling from docker hub.

The solution is adapted from another issue: Cannot pull images from dockerhub (403 Access Denied)

Motivation

The 'erigion-lighthouse' configuration did not work without it.

More

• [X] Yes, I have tested the PR using my local account setup (Provide any test evidence report under Additional Notes)
• [ ] Mandatory for new node blueprints. Yes, I have added a example to support my blueprint PR
• [ ] Mandatory for new node blueprints. Yes, I have updated the website/docs or website/blog section for this feature
• [X] Yes, I ran pre-commit run -a with this PR. Link for installing pre-commit locally

For Moderators

• [ ] E2E Test successfully complete before merge?

Additional Notes

[chrisdotn]

Not for review: the relevant lines are 81–88, the other lines are formatting changes.