aws-samples
diff --git a/‎README.md‎
Lines changed: 55 additions & 1 deletion b/‎README.md‎
Lines changed: 55 additions & 1 deletion
diff --git a/‎Stack-Resources.md‎
Lines changed: 78 additions & 2 deletions b/‎Stack-Resources.md‎
Lines changed: 78 additions & 2 deletions
@@ -16,11 +16,33 @@ aws2tf.py will import into Terraform existing AWS infrastructure, and produce th
 
 Finally aws2tf runs a `terraform plan` command and there should hopefully be no subsequent additions or deletions reported by the terraform plan command as all the appropriate terraform configuration files will have automatically been created.
 
+## Recent Improvements
+
+### Code Optimization (December 2024)
+
+The codebase has been significantly optimized:
+
+* **86.5% code reduction** in resource handlers (1,265 boilerplate functions eliminated)
+* **100% coverage** of Terraform AWS provider (1,612 resources supported)
+* **Handler system** with `__getattr__` for automatic default handling
+* **Base handler utilities** for common transformation patterns
+* **Maintained file organization** - 201 service-specific files preserved
+
+See `code/fixtf_aws_resources/README.md` for details on the handler system.
+
+### Extended Resource Support
+
+* **aws_dict_extended.py** - Complete mapping of all 1,582 Terraform AWS resources
+* **177 new resources added** including latest AWS services
+* **Proper boto3 API mappings** for all resources
+
+See `code/.automation/` for tools and documentation.
+
 ## Requirements & Prerequisites
 
 + MacOS or Linux 
 + Python3 (v3.12.0+)
-+ boto3 1.40.44 or later (pip3 install -r requirements.txt).
++ boto3 1.42.16 or later (pip3 install -r requirements.txt).
 + AWS cli (v2) **version 2.31.4 or higher** needs to be installed and you need a login with at least "Read" privileges.
 + Terraform **version v1.12.0** or higher needs to be installed. (recommend you avoid early point releases eg. 1.9.0/1.9.1)
 + jq **version 1.6 or higher**
@@ -221,6 +243,38 @@ For stack sets (-s option) look for these two files in the generated/tf* directo
 * stack-unprocessed.err
 * stack-null.err
 
+---
+
+## Testing
+
+aws2tf includes a comprehensive test suite with 267 tests covering all critical functionality.
+
+### Running Tests
+
+```bash
+# Install test dependencies
+pip install -r requirements-test.txt
+
+# Run all tests
+pytest
+
+# Run with coverage report
+pytest --cov=code --cov=aws2tf --cov-report=html
+
+# Run specific test categories
+pytest tests/unit/              # Unit tests only
+pytest tests/integration/       # Integration tests only
+pytest -m performance          # Performance tests only
+```
+
+### Test Coverage
+
+- **267 tests** covering input validation, file operations, resource discovery, and more
+- **96% coverage** for context.py
+- **91% coverage** for build_lists.py
+- **25% overall coverage** with focus on critical code paths
+
+See [tests/README.md](tests/README.md) for detailed testing documentation.
 
 ---
 
 
@@ -7,23 +7,43 @@
 * AWS::AmazonMQ::Broker
 * AWS::AmazonMQ::Configuration
 * AWS::Amplify::App
+* AWS::Amplify::Branch
+* AWS::ApiGateway::Account
 * AWS::ApiGateway::ApiKey
+* AWS::ApiGateway::Authorizer
 * AWS::ApiGateway::BasePathMapping
 * AWS::ApiGateway::ClientCertificate
+* AWS::ApiGateway::Deployment
 * AWS::ApiGateway::DomainName
 * AWS::ApiGateway::GatewayResponse
+* AWS::ApiGateway::Method
 * AWS::ApiGateway::Model
 * AWS::ApiGateway::RequestValidator
+* AWS::ApiGateway::Resource
 * AWS::ApiGateway::RestApi
+* AWS::ApiGateway::Stage
 * AWS::ApiGateway::UsagePlan
 * AWS::ApiGateway::UsagePlanKey
 * AWS::ApiGateway::VpcLink
 * AWS::ApiGatewayV2::Api
+* AWS::ApiGatewayV2::ApiMapping
+* AWS::ApiGatewayV2::Authorizer
+* AWS::ApiGatewayV2::Deployment
 * AWS::ApiGatewayV2::DomainName
+* AWS::ApiGatewayV2::Integration
+* AWS::ApiGatewayV2::IntegrationResponse
+* AWS::ApiGatewayV2::Model
+* AWS::ApiGatewayV2::Route
+* AWS::ApiGatewayV2::RouteResponse
+* AWS::ApiGatewayV2::Stage
 * AWS::ApiGatewayV2::VpcLink
 * AWS::AppMesh::GatewayRoute
 * AWS::AppMesh::Mesh
 * AWS::AppMesh::Route
+* AWS::AppMesh::VirtualGateway
+* AWS::AppMesh::VirtualNode
+* AWS::AppMesh::VirtualRouter
+* AWS::AppMesh::VirtualService
 * AWS::ApplicationAutoScaling::ScalableTarget
 * AWS::ApplicationAutoScaling::ScalingPolicy
 * AWS::Athena::DataCatalog
@@ -33,51 +53,86 @@
 * AWS::AutoScaling::AutoScalingGroup
 * AWS::AutoScaling::LaunchConfiguration
 * AWS::AutoScaling::LifecycleHook
+* AWS::CDK::Metadata
+* AWS::CertificateManager::Certificate
 * AWS::Cloud9::EnvironmentEC2
 * AWS::CloudFront::CachePolicy
 * AWS::CloudFront::CloudFrontOriginAccessIdentity
 * AWS::CloudFront::Distribution
 * AWS::CloudFront::Function
 * AWS::CloudFront::OriginRequestPolicy
 * AWS::CloudWatch::Alarm
-* AWS::CodeBuild::Project
 * AWS::CodeCommit::Repository
 * AWS::Cognito::UserPool
+* AWS::Cognito::UserPoolClient
+* AWS::Cognito::UserPoolGroup
 * AWS::Config::ConfigRule
 * AWS::Config::ConfigurationRecorder
 * AWS::Config::DeliveryChannel
+* AWS::Connect::ContactFlow
+* AWS::Connect::HoursOfOperation
+* AWS::Connect::Instance
+* AWS::Connect::InstanceStorageConfig
+* AWS::Connect::IntegrationAssociation
+* AWS::Connect::PhoneNumber
+* AWS::Connect::Queue
+* AWS::Connect::RoutingProfile
+* AWS::Connect::SecurityProfile
+* AWS::Connect::User
 * AWS::DMS::ReplicationInstance
 * AWS::DMS::ReplicationSubnetGroup
+* AWS::DataZone::DataSource
+* AWS::DataZone::Domain
+* AWS::DataZone::Environment
+* AWS::DataZone::EnvironmentActions
+* AWS::DataZone::EnvironmentBlueprintConfiguration
+* AWS::DataZone::EnvironmentProfile
+* AWS::DataZone::Project
+* AWS::DataZone::ProjectMembership
+* AWS::DataZone::SubscriptionTarget
+* AWS::DataZone::UserProfile
 * AWS::DirectoryService::MicrosoftAD
 * AWS::DocDB::DBCluster
 * AWS::DocDB::DBInstance
 * AWS::DocDB::DBSubnetGroup
 * AWS::DynamoDB::Table
 * AWS::EC2::DHCPOptions
+* AWS::EC2::EIP
 * AWS::EC2::EIPAssociation
 * AWS::EC2::FlowLog
+* AWS::EC2::GatewayRouteTableAssociation
 * AWS::EC2::Instance
 * AWS::EC2::InternetGateway
 * AWS::EC2::KeyPair
 * AWS::EC2::LaunchTemplate
 * AWS::EC2::NatGateway
 * AWS::EC2::NetworkAcl
+* AWS::EC2::NetworkAclEntry
+* AWS::EC2::Route
 * AWS::EC2::RouteTable
 * AWS::EC2::SecurityGroup
+* AWS::EC2::SecurityGroupEgress
+* AWS::EC2::SecurityGroupIngress
 * AWS::EC2::Subnet
+* AWS::EC2::SubnetNetworkAclAssociation
+* AWS::EC2::SubnetRouteTableAssociation
 * AWS::EC2::VPC
 * AWS::EC2::VPCDHCPOptionsAssociation
 * AWS::EC2::VPCEndpoint
 * AWS::EC2::VPCEndpointService
+* AWS::EC2::VPCGatewayAttachment
 * AWS::EC2::Volume
 * AWS::ECR::Repository
 * AWS::ECS::Cluster
 * AWS::ECS::Service
 * AWS::ECS::TaskDefinition
+* AWS::EFS::AccessPoint
 * AWS::EFS::FileSystem
+* AWS::EFS::MountTarget
 * AWS::EKS::Cluster
+* AWS::EKS::Nodegroup
 * AWS::EMR::Cluster
-* AWS::EMR::InstanceGroupConfig": f3.write(type+" "+pid+" fetched as part of aws_emr_cluster..\n")
+* AWS::EMR::InstanceGroupConfig
 * AWS::EMR::SecurityConfiguration
 * AWS::ElasticLoadBalancingV2::Listener
 * AWS::ElasticLoadBalancingV2::ListenerRule
@@ -92,15 +147,21 @@
 * AWS::Glue::Job
 * AWS::Glue::Partition
 * AWS::Glue::SecurityConfiguration
+* AWS::Glue::Table
 * AWS::Glue::Trigger
+* AWS::IAM::AccessKey
 * AWS::IAM::Group
 * AWS::IAM::InstanceProfile
 * AWS::IAM::ManagedPolicy
+* AWS::IAM::Policy
 * AWS::IAM::Role
 * AWS::IAM::ServiceLinkedRole
 * AWS::IAM::User
+* AWS::IAM::UserToGroupAddition
 * AWS::KMS::Alias
 * AWS::KMS::Key
+* AWS::Kendra::DataSource
+* AWS::Kendra::Faq
 * AWS::Kendra::Index
 * AWS::Kinesis::Stream
 * AWS::KinesisFirehose::DeliveryStream
@@ -111,6 +172,14 @@
 * AWS::Lambda::Function
 * AWS::Lambda::LayerVersion
 * AWS::Logs::LogGroup
+* AWS::MSK::Cluster
+* AWS::MSK::ClusterPolicy
+* AWS::MSK::ServerlessCluster
+* AWS::MWAA::Environment
+* AWS::NetworkFirewall::Firewall
+* AWS::NetworkFirewall::FirewallPolicy
+* AWS::NetworkFirewall::LoggingConfiguration
+* AWS::NetworkFirewall::RuleGroup
 * AWS::OpenSearchService::Domain
 * AWS::Pipes::Pipe
 * AWS::RDS::DBCluster
@@ -126,18 +195,21 @@
 * AWS::RedshiftServerless::Namespace
 * AWS::RedshiftServerless::Workgroup
 * AWS::Route53::HostedZone
+* AWS::Route53::RecordSet
 * AWS::S3::AccessGrant
 * AWS::S3::AccessGrantsInstance
 * AWS::S3::AccessGrantsLocation
 * AWS::S3::AccessPoint
 * AWS::S3::Bucket
+* AWS::S3::BucketPolicy
 * AWS::S3::MultiRegionAccessPoint
 * AWS::S3::MultiRegionAccessPointPolicy
 * AWS::S3::StorageLens
 * AWS::SNS::Subscription
 * AWS::SNS::Topic
 * AWS::SNS::TopicPolicy
 * AWS::SQS::Queue
+* AWS::SQS::QueuePolicy
 * AWS::SSM::Association
 * AWS::SSM::Document
 * AWS::SSM::Parameter
@@ -146,6 +218,7 @@
 * AWS::SageMaker::Domain
 * AWS::SageMaker::Endpoint
 * AWS::SageMaker::Image
+* AWS::SageMaker::ImageVersion
 * AWS::SageMaker::Model
 * AWS::SageMaker::NotebookInstance
 * AWS::SageMaker::NotebookInstanceLifecycleConfig
@@ -157,6 +230,7 @@
 * AWS::SecretsManager::ResourcePolicy
 * AWS::SecretsManager::RotationSchedule
 * AWS::SecretsManager::Secret
+* AWS::SecretsManager::SecretTargetAttachment
 * AWS::ServiceDiscovery::HttpNamespace
 * AWS::ServiceDiscovery::PrivateDnsNamespace
 * AWS::ServiceDiscovery::Service
@@ -174,4 +248,6 @@
 * AWS::VpcLattice::ServiceNetworkVpcAssociation
 * AWS::VpcLattice::TargetGroup
 * AWS::WAFv2::IPSet
+* AWS::WAFv2::LoggingConfiguration
 * AWS::WAFv2::WebACL
+* AWS::WorkSpaces::Workspace