CDK: Add scrutinice permissions (#2118)

### Issues:
Addresses P187446337

### Description of changes: 
Grant permissions required for Scrutinice.

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license and the ISC license.

tests/ci/cdk/util/iam_policies.py

@@ -207,6 +207,17 @@ def ecr_power_user_policy_in_json(ecr_repo_names):
                     "ecr:PutImage"
                 ],
                 "Resource": ecr_arns
+            },
+            {
+                "Sid": "scrutinice",
+                "Effect": "Allow",
+                "Principal": {
+                    "AWS": "arn:aws:iam::222961743098:role/scrutini-ecr"
+                },
+                "Action": [
+                    "ecr:BatchGetImage",
+                    "ecr:GetDownloadUrlForLayer"
+                ]
             }
         ]
     }