From 75124f3b2aebc58491b3a3df9972673211fdaee3 Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 2 Mar 2026 16:25:39 +0000
Subject: [PATCH 1/4] give fast api permission to send messages to
 categorisation queue

---
 serverless.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/serverless.yml b/serverless.yml
index c8fadfca..3dde5511 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -108,6 +108,7 @@ resources:
                     - sqs:SendMessage
                   Resource:
                     - Fn::GetAtt: [ EngineQueue, Arn ]
+                    - "arn:aws:sqs:eu-west-2:337213553626:categorisation-queue-dev"
                 - Effect: Allow
                   Action:
                     - s3:GetObject

From 7676194cdc94a1988c880165a0f1403367d500ce Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 2 Mar 2026 16:48:09 +0000
Subject: [PATCH 2/4] get sqs url and arn from env vars

---
 .github/workflows/deploy_fastapi_backend.yml | 4 ++++
 serverless.yml                               | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/deploy_fastapi_backend.yml b/.github/workflows/deploy_fastapi_backend.yml
index 7b00d3f2..14d47168 100644
--- a/.github/workflows/deploy_fastapi_backend.yml
+++ b/.github/workflows/deploy_fastapi_backend.yml
@@ -77,6 +77,8 @@ jobs:
           echo "::set-output name=hotwater_kwh_predictions_bucket::${{ secrets[format('{0}_HOTWATER_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}"
           echo "::set-output name=energy_asessments_bucket::${{ secrets[format('{0}_ENERGY_ASSESSMENTS_BUCKET', github.ref_name)] }}"
           echo "::set-output name=google_solar_api_key::${{ secrets[format('{0}_GOOGLE_SOLAR_API_KEY', github.ref_name)] }}"
+          echo "::set-output name=categorisation_sqs_url::${{ secrets[format('{0}_CATEGORISATION_SQS_URL', github.ref_name)] }}"
+          echo "::set-output name=categorisation_sqs_arn::${{ secrets[format('{0}_CATEGORISATION_SQS_ARN', github.ref_name)] }}"
 
       - name: Setup Docker
         uses: docker/setup-buildx-action@v1
@@ -122,6 +124,8 @@ jobs:
           HOTWATER_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hotwater_kwh_predictions_bucket }}
           ENERGY_ASSESSMENTS_BUCKET: ${{ steps.set_api_secrets.outputs.energy_asessments_bucket }}
           GOOGLE_SOLAR_API_KEY: ${{ steps.set_api_secrets.outputs.google_solar_api_key }}
+          CATEGORISATION_SQS_URL: ${{ steps.set_api_secrets.outputs.categorisation_sqs_url }}
+          CATEGORISATION_SQS_ARN: ${{ steps.set_api_secrets.outputs.categorisation_sqs_arn }}
           DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }}
           EPC_AUTH_TOKEN: ${{ steps.set_auth_token.outputs.auth_token }}
           DB_HOST: ${{ steps.set_db_credentials.outputs.db_host }}
diff --git a/serverless.yml b/serverless.yml
index 3dde5511..753e5978 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -31,7 +31,7 @@ provider:
     ENGINE_SQS_URL:
       Ref: EngineQueue
     # hardcode the categorisation queue for now as it's created in terraform
-    CATEGORISATION_SQS_URL: "https://sqs.eu-west-2.amazonaws.com/337213553626/categorisation-queue-dev"
+    CATEGORISATION_SQS_URL: ${env:CATEGORISATION_SQS_URL}
 
 plugins:
   - serverless-python-requirements
@@ -108,7 +108,7 @@ resources:
                     - sqs:SendMessage
                   Resource:
                     - Fn::GetAtt: [ EngineQueue, Arn ]
-                    - "arn:aws:sqs:eu-west-2:337213553626:categorisation-queue-dev"
+                    - ${env:CATEGORISATION_SQS_URL}
                 - Effect: Allow
                   Action:
                     - s3:GetObject

From e7d2f83005fd6578b7676c69d5dc23561ea29090 Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 2 Mar 2026 17:06:56 +0000
Subject: [PATCH 3/4] arn not url

---
 serverless.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/serverless.yml b/serverless.yml
index 753e5978..0e3e56fc 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -108,7 +108,7 @@ resources:
                     - sqs:SendMessage
                   Resource:
                     - Fn::GetAtt: [ EngineQueue, Arn ]
-                    - ${env:CATEGORISATION_SQS_URL}
+                    - ${env:CATEGORISATION_SQS_ARN}
                 - Effect: Allow
                   Action:
                     - s3:GetObject

From 227a6a81ffef56ad510812356b259dd95865ac0d Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Tue, 3 Mar 2026 08:44:41 +0000
Subject: [PATCH 4/4] revert to hardcoded arn and url

---
 .github/workflows/deploy_fastapi_backend.yml | 4 ----
 serverless.yml                               | 4 ++--
 2 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/deploy_fastapi_backend.yml b/.github/workflows/deploy_fastapi_backend.yml
index 14d47168..7b00d3f2 100644
--- a/.github/workflows/deploy_fastapi_backend.yml
+++ b/.github/workflows/deploy_fastapi_backend.yml
@@ -77,8 +77,6 @@ jobs:
           echo "::set-output name=hotwater_kwh_predictions_bucket::${{ secrets[format('{0}_HOTWATER_KWH_PREDICTIONS_BUCKET', github.ref_name)] }}"
           echo "::set-output name=energy_asessments_bucket::${{ secrets[format('{0}_ENERGY_ASSESSMENTS_BUCKET', github.ref_name)] }}"
           echo "::set-output name=google_solar_api_key::${{ secrets[format('{0}_GOOGLE_SOLAR_API_KEY', github.ref_name)] }}"
-          echo "::set-output name=categorisation_sqs_url::${{ secrets[format('{0}_CATEGORISATION_SQS_URL', github.ref_name)] }}"
-          echo "::set-output name=categorisation_sqs_arn::${{ secrets[format('{0}_CATEGORISATION_SQS_ARN', github.ref_name)] }}"
 
       - name: Setup Docker
         uses: docker/setup-buildx-action@v1
@@ -124,8 +122,6 @@ jobs:
           HOTWATER_KWH_PREDICTIONS_BUCKET: ${{ steps.set_api_secrets.outputs.hotwater_kwh_predictions_bucket }}
           ENERGY_ASSESSMENTS_BUCKET: ${{ steps.set_api_secrets.outputs.energy_asessments_bucket }}
           GOOGLE_SOLAR_API_KEY: ${{ steps.set_api_secrets.outputs.google_solar_api_key }}
-          CATEGORISATION_SQS_URL: ${{ steps.set_api_secrets.outputs.categorisation_sqs_url }}
-          CATEGORISATION_SQS_ARN: ${{ steps.set_api_secrets.outputs.categorisation_sqs_arn }}
           DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }}
           EPC_AUTH_TOKEN: ${{ steps.set_auth_token.outputs.auth_token }}
           DB_HOST: ${{ steps.set_db_credentials.outputs.db_host }}
diff --git a/serverless.yml b/serverless.yml
index 0e3e56fc..3dde5511 100644
--- a/serverless.yml
+++ b/serverless.yml
@@ -31,7 +31,7 @@ provider:
     ENGINE_SQS_URL:
       Ref: EngineQueue
     # hardcode the categorisation queue for now as it's created in terraform
-    CATEGORISATION_SQS_URL: ${env:CATEGORISATION_SQS_URL}
+    CATEGORISATION_SQS_URL: "https://sqs.eu-west-2.amazonaws.com/337213553626/categorisation-queue-dev"
 
 plugins:
   - serverless-python-requirements
@@ -108,7 +108,7 @@ resources:
                     - sqs:SendMessage
                   Resource:
                     - Fn::GetAtt: [ EngineQueue, Arn ]
-                    - ${env:CATEGORISATION_SQS_ARN}
+                    - "arn:aws:sqs:eu-west-2:337213553626:categorisation-queue-dev"
                 - Effect: Allow
                   Action:
                     - s3:GetObject