From 639f46df0901cd550264f2b029d5d7a328a784fa Mon Sep 17 00:00:00 2001
From: Khalim Conn-Kowlessar <kconnkowlessar@gmail.com>
Date: Fri, 20 Mar 2026 09:59:19 +0000
Subject: [PATCH] created predictions buckets for carbon and heat, added iam
 permissions

---
 infrastructure/terraform/shared/main.tf | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/infrastructure/terraform/shared/main.tf b/infrastructure/terraform/shared/main.tf
index fdc7f203..7358560a 100644
--- a/infrastructure/terraform/shared/main.tf
+++ b/infrastructure/terraform/shared/main.tf
@@ -239,6 +239,18 @@ module "retrofit_sap_baseline_predictions" {
   allowed_origins = var.allowed_origins
 }
 
+module "retrofit_carbon_baseline_predictions" {
+  source          = "../modules/s3"
+  bucketname      = "retrofit-carbon-baseline-predictions-${var.stage}"
+  allowed_origins = var.allowed_origins
+}
+
+module "retrofit_heat_baseline_predictions" {
+  source          = "../modules/s3"
+  bucketname      = "retrofit-heat-baseline-predictions-${var.stage}"
+  allowed_origins = var.allowed_origins
+}
+
 // We make this bucket presignable, because we want to generate download links for the frontend
 module "retrofit_energy_assessments" {
   source          = "../modules/s3_presignable_bucket"
@@ -526,7 +538,10 @@ module "engine_s3_read_and_write" {
     "arn:aws:s3:::${module.retrofit_heat_predictions.bucket_name}",
     "arn:aws:s3:::${module.retrofit_heating_kwh_predictions.bucket_name}",
     "arn:aws:s3:::${module.retrofit_hotwater_kwh_predictions.bucket_name}",
-    "arn:aws:s3:::${module.retrofit_energy_assessments.bucket_name}"
+    "arn:aws:s3:::${module.retrofit_energy_assessments.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_sap_baseline_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_carbon_baseline_predictions.bucket_name}",
+    "arn:aws:s3:::${module.retrofit_heat_baseline_predictions.bucket_name}"
   ]
   actions        = ["s3:*"]
   resource_paths = ["/*"]