
@or4dx or4dx commented Jul 19, 2025

This pull request updates the README.md file to rename the project, clarify its purpose, and provide a more structured and detailed overview of its contents and usage.

Documentation Updates:

  • Renamed the project from "Booster Packs" to "Bitblock Packs" and updated the description to reflect its purpose as a modular toolkit for SaaS automation and DevOps.
  • Added an "Overview" section explaining the repository's purpose and components.
  • Introduced a "Structure" section with a directory tree to outline the repository's organization.
  • Added a "Quick Start" section with steps to get started with the repository.
  • Highlighted key features of the repository, such as modular automation packs, CI/CD templates, and observability tools, in a "Highlights" section.

@or4dx or4dx merged commit fbe9d11 into main Jul 19, 2025
2 of 3 checks passed
@github-actions

🧾 Terraform Plan for gov_org

⚠️ Review this carefully before applying changes

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.gov_org_advanced.aws_organizations_account.account["bill"] will be created
  + resource "aws_organizations_account" "account" {
      + arn                        = (known after apply)
      + close_on_deletion          = false
      + create_govcloud            = false
      + email                      = "billing@example.com"
      + govcloud_id                = (known after apply)
      + iam_user_access_to_billing = "ALLOW"
      + id                         = (known after apply)
      + joined_method              = (known after apply)
      + joined_timestamp           = (known after apply)
      + name                       = "Billing Account"
      + parent_id                  = (known after apply)
      + role_name                  = "OrganizationAccountAccessRole"
      + status                     = (known after apply)
      + tags_all                   = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_account.account["sec"] will be created
  + resource "aws_organizations_account" "account" {
      + arn                        = (known after apply)
      + close_on_deletion          = false
      + create_govcloud            = false
      + email                      = "security@example.com"
      + govcloud_id                = (known after apply)
      + iam_user_access_to_billing = "ALLOW"
      + id                         = (known after apply)
      + joined_method              = (known after apply)
      + joined_timestamp           = (known after apply)
      + name                       = "Security Account"
      + parent_id                  = (known after apply)
      + role_name                  = "OrganizationAccountAccessRole"
      + status                     = (known after apply)
      + tags_all                   = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_delegated_administrator.delegated_admins["billing"] will be created
  + resource "aws_organizations_delegated_administrator" "delegated_admins" {
      + account_id              = (known after apply)
      + arn                     = (known after apply)
      + delegation_enabled_date = (known after apply)
      + email                   = (known after apply)
      + id                      = (known after apply)
      + joined_method           = (known after apply)
      + joined_timestamp        = (known after apply)
      + name                    = (known after apply)
      + service_principal       = "billing.amazonaws.com"
      + status                  = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_delegated_administrator.delegated_admins["config"] will be created
  + resource "aws_organizations_delegated_administrator" "delegated_admins" {
      + account_id              = (known after apply)
      + arn                     = (known after apply)
      + delegation_enabled_date = (known after apply)
      + email                   = (known after apply)
      + id                      = (known after apply)
      + joined_method           = (known after apply)
      + joined_timestamp        = (known after apply)
      + name                    = (known after apply)
      + service_principal       = "config.amazonaws.com"
      + status                  = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_delegated_administrator.delegated_admins["guardduty"] will be created
  + resource "aws_organizations_delegated_administrator" "delegated_admins" {
      + account_id              = (known after apply)
      + arn                     = (known after apply)
      + delegation_enabled_date = (known after apply)
      + email                   = (known after apply)
      + id                      = (known after apply)
      + joined_method           = (known after apply)
      + joined_timestamp        = (known after apply)
      + name                    = (known after apply)
      + service_principal       = "guardduty.amazonaws.com"
      + status                  = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_organization.this will be created
  + resource "aws_organizations_organization" "this" {
      + accounts             = (known after apply)
      + arn                  = (known after apply)
      + feature_set          = "ALL"
      + id                   = (known after apply)
      + master_account_arn   = (known after apply)
      + master_account_email = (known after apply)
      + master_account_id    = (known after apply)
      + non_master_accounts  = (known after apply)
      + roots                = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_organizational_unit.ou["billing"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Billing"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_advanced.aws_organizations_organizational_unit.ou["security"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Security"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_basic.aws_organizations_organization.this will be created
  + resource "aws_organizations_organization" "this" {
      + accounts             = (known after apply)
      + arn                  = (known after apply)
      + feature_set          = "ALL"
      + id                   = (known after apply)
      + master_account_arn   = (known after apply)
      + master_account_email = (known after apply)
      + master_account_id    = (known after apply)
      + non_master_accounts  = (known after apply)
      + roots                = (known after apply)
    }

  # module.gov_org_basic.aws_organizations_organizational_unit.ou["core"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Core"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_basic.aws_organizations_organizational_unit.ou["dev"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Development"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_basic.aws_organizations_organizational_unit.ou["prod"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Production"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_account.account["billing_account"] will be created
  + resource "aws_organizations_account" "account" {
      + arn                        = (known after apply)
      + close_on_deletion          = false
      + create_govcloud            = false
      + email                      = "billing@myorg.com"
      + govcloud_id                = (known after apply)
      + iam_user_access_to_billing = "ALLOW"
      + id                         = (known after apply)
      + joined_method              = (known after apply)
      + joined_timestamp           = (known after apply)
      + name                       = "Billing Account"
      + parent_id                  = (known after apply)
      + role_name                  = "OrganizationAccountAccessRole"
      + status                     = (known after apply)
      + tags_all                   = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_account.account["dev_account"] will be created
  + resource "aws_organizations_account" "account" {
      + arn                        = (known after apply)
      + close_on_deletion          = false
      + create_govcloud            = false
      + email                      = "dev@myorg.com"
      + govcloud_id                = (known after apply)
      + iam_user_access_to_billing = "ALLOW"
      + id                         = (known after apply)
      + joined_method              = (known after apply)
      + joined_timestamp           = (known after apply)
      + name                       = "Dev Account"
      + parent_id                  = (known after apply)
      + role_name                  = "OrganizationAccountAccessRole"
      + status                     = (known after apply)
      + tags_all                   = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_account.account["prod_account"] will be created
  + resource "aws_organizations_account" "account" {
      + arn                        = (known after apply)
      + close_on_deletion          = false
      + create_govcloud            = false
      + email                      = "prod@myorg.com"
      + govcloud_id                = (known after apply)
      + iam_user_access_to_billing = "ALLOW"
      + id                         = (known after apply)
      + joined_method              = (known after apply)
      + joined_timestamp           = (known after apply)
      + name                       = "Prod Account"
      + parent_id                  = (known after apply)
      + role_name                  = "OrganizationAccountAccessRole"
      + status                     = (known after apply)
      + tags_all                   = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_account.account["security_account"] will be created
  + resource "aws_organizations_account" "account" {
      + arn                        = (known after apply)
      + close_on_deletion          = false
      + create_govcloud            = false
      + email                      = "security@myorg.com"
      + govcloud_id                = (known after apply)
      + iam_user_access_to_billing = "ALLOW"
      + id                         = (known after apply)
      + joined_method              = (known after apply)
      + joined_timestamp           = (known after apply)
      + name                       = "Security Account"
      + parent_id                  = (known after apply)
      + role_name                  = "OrganizationAccountAccessRole"
      + status                     = (known after apply)
      + tags_all                   = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_delegated_administrator.delegated_admins["billing"] will be created
  + resource "aws_organizations_delegated_administrator" "delegated_admins" {
      + account_id              = (known after apply)
      + arn                     = (known after apply)
      + delegation_enabled_date = (known after apply)
      + email                   = (known after apply)
      + id                      = (known after apply)
      + joined_method           = (known after apply)
      + joined_timestamp        = (known after apply)
      + name                    = (known after apply)
      + service_principal       = "billing.amazonaws.com"
      + status                  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_delegated_administrator.delegated_admins["config"] will be created
  + resource "aws_organizations_delegated_administrator" "delegated_admins" {
      + account_id              = (known after apply)
      + arn                     = (known after apply)
      + delegation_enabled_date = (known after apply)
      + email                   = (known after apply)
      + id                      = (known after apply)
      + joined_method           = (known after apply)
      + joined_timestamp        = (known after apply)
      + name                    = (known after apply)
      + service_principal       = "config.amazonaws.com"
      + status                  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_delegated_administrator.delegated_admins["guardduty"] will be created
  + resource "aws_organizations_delegated_administrator" "delegated_admins" {
      + account_id              = (known after apply)
      + arn                     = (known after apply)
      + delegation_enabled_date = (known after apply)
      + email                   = (known after apply)
      + id                      = (known after apply)
      + joined_method           = (known after apply)
      + joined_timestamp        = (known after apply)
      + name                    = (known after apply)
      + service_principal       = "guardduty.amazonaws.com"
      + status                  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_organization.this will be created
  + resource "aws_organizations_organization" "this" {
      + accounts             = (known after apply)
      + arn                  = (known after apply)
      + feature_set          = "ALL"
      + id                   = (known after apply)
      + master_account_arn   = (known after apply)
      + master_account_email = (known after apply)
      + master_account_id    = (known after apply)
      + non_master_accounts  = (known after apply)
      + roots                = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_organizational_unit.ou["billing"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Billing"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_organizational_unit.ou["dev"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Development"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_organizational_unit.ou["prod"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Production"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

  # module.gov_org_complete.aws_organizations_organizational_unit.ou["security"] will be created
  + resource "aws_organizations_organizational_unit" "ou" {
      + accounts  = (known after apply)
      + arn       = (known after apply)
      + id        = (known after apply)
      + name      = "Security"
      + parent_id = (known after apply)
      + tags_all  = (known after apply)
    }

Plan: 24 to add, 0 to change, 0 to destroy.

Warning: Argument is deprecated

  with provider["registry.terraform.io/hashicorp/aws"],
  on providers.tf line 7, in provider "aws":
   7:   s3_force_path_style         = true

Use s3_use_path_style instead.

(and one more similar warning elsewhere)

Warning: Attribute Deprecated

  with provider["registry.terraform.io/hashicorp/aws"],
  on providers.tf line 7, in provider "aws":
   7:   s3_force_path_style         = true

Use s3_use_path_style instead.

(and one more similar warning elsewhere)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

@github-actions

🧾 Terraform Plan for iam_policy

⚠️ Review this carefully before applying changes

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.iam_policy_basic.aws_iam_policy.this will be created
  + resource "aws_iam_policy" "this" {
      + arn         = (known after apply)
      + description = "Grants read-only access to S3"
      + id          = (known after apply)
      + name        = "basic-readonly-policy"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = jsonencode(
            {
              + Statement = [
                  + {
                      + Action   = [
                          + "s3:ListBucket",
                          + "s3:GetObject",
                        ]
                      + Effect   = "Allow"
                      + Resource = "*"
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + policy_id   = (known after apply)
      + tags        = {
          + "Environment" = "dev"
          + "Owner"       = "example-team"
        }
      + tags_all    = {
          + "Environment" = "dev"
          + "Owner"       = "example-team"
        }
    }

  # module.iam_policy_basic.aws_iam_policy_attachment.this[0] will be created
  + resource "aws_iam_policy_attachment" "this" {
      + id         = (known after apply)
      + name       = "basic-readonly-policy-attachment"
      + policy_arn = (known after apply)
      + roles      = [
          + "readonly-role",
        ]
    }

  # module.iam_policy_irsa.aws_iam_policy.this will be created
  + resource "aws_iam_policy" "this" {
      + arn         = (known after apply)
      + description = "Allows EKS pods to access S3 via IRSA"
      + id          = (known after apply)
      + name        = "eks-irsa-s3-reader"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy      = jsonencode(
            {
              + Statement = [
                  + {
                      + Action   = [
                          + "s3:GetObject",
                          + "s3:ListBucket",
                        ]
                      + Effect   = "Allow"
                      + Resource = [
                          + "arn:aws:s3:::my-app-bucket",
                          + "arn:aws:s3:::my-app-bucket/*",
                        ]
                    },
                ]
              + Version   = "2012-10-17"
            }
        )
      + policy_id   = (known after apply)
      + tags        = {
          + "App"         = "eks-service"
          + "Environment" = "staging"
        }
      + tags_all    = {
          + "App"         = "eks-service"
          + "Environment" = "staging"
        }
    }

  # module.iam_policy_irsa.aws_iam_policy_attachment.this[0] will be created
  + resource "aws_iam_policy_attachment" "this" {
      + id         = (known after apply)
      + name       = "eks-irsa-s3-reader-attachment"
      + policy_arn = (known after apply)
      + roles      = [
          + "eks-irsa-role",
        ]
    }

  # module.iam_policy_sso_managed.aws_iam_policy.this will be created
  + resource "aws_iam_policy" "this" {
      + arn         = (known after apply)
      + description = "Attaches AWS managed policies to an SSO permission set"
      + id          = (known after apply)
      + name        = "sso-managed-access"
      + name_prefix = (known after apply)
      + path        = "/"
      + policy_id   = (known after apply)
      + tags        = {
          + "Department"  = "Engineering"
          + "Environment" = "prod"
        }
      + tags_all    = {
          + "Department"  = "Engineering"
          + "Environment" = "prod"
        }
    }

  # module.iam_policy_sso_managed.aws_ssoadmin_managed_policy_attachment.this["0"] will be created
  + resource "aws_ssoadmin_managed_policy_attachment" "this" {
      + id                  = (known after apply)
      + instance_arn        = "arn:aws:sso:::instance/ssoins-EXAMPLE1234"
      + managed_policy_arn  = "arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess"
      + managed_policy_name = (known after apply)
      + permission_set_arn  = "arn:aws:sso:::permissionSet/ssoins-EXAMPLE1234/ps-EXAMPLE5678"
    }

  # module.iam_policy_sso_managed.aws_ssoadmin_managed_policy_attachment.this["1"] will be created
  + resource "aws_ssoadmin_managed_policy_attachment" "this" {
      + id                  = (known after apply)
      + instance_arn        = "arn:aws:sso:::instance/ssoins-EXAMPLE1234"
      + managed_policy_arn  = "arn:aws:iam::aws:policy/CloudWatchReadOnlyAccess"
      + managed_policy_name = (known after apply)
      + permission_set_arn  = "arn:aws:sso:::permissionSet/ssoins-EXAMPLE1234/ps-EXAMPLE5678"
    }

  # module.iam_policy_sso_managed.aws_ssoadmin_permission_set_inline_policy.this[0] will be created
  + resource "aws_ssoadmin_permission_set_inline_policy" "this" {
      + id                 = (known after apply)
      + inline_policy      = jsonencode({})
      + instance_arn       = "arn:aws:sso:::instance/ssoins-EXAMPLE1234"
      + permission_set_arn = "arn:aws:sso:::permissionSet/ssoins-EXAMPLE1234/ps-EXAMPLE5678"
    }

Plan: 8 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.
