horkos 0.1.1

Cloud infrastructure language where insecure code won't compile

Horkos

Infrastructure code that won't let you deploy insecure configurations

A type-safe language that compiles to Terraform HCL. Security is enforced at compile time.

The Idea

// One line of Horkos:
val bucket = S3.createSecureBucket("my-data")

// Generates 40+ lines of Terraform with:
// ✓ AES256 encryption
// ✓ Versioning enabled  
// ✓ Public access blocked
// ✓ All security best practices

Can't create insecure infrastructure—it won't compile.

Want an exception? You must explain why:

val public = unsafe("APPROVED: Public website assets - ticket #402") {
    S3.createPublicBucket("website")
}
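
A review gate for the `unsafe` exceptions shown above, as an added example that is not part of Horkos or its README: it inventories every `unsafe("...")` justification in a source tree and fails when one lacks a ticket reference. The ticket requirement, the function names `list_unsafe` and `audit_unsafe`, and the sample files are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not part of Horkos. Lists every unsafe("...") exception in a
# source tree so reviewers can see what bypasses the compile-time checks.
# Assumptions: the unsafe("...") opening sits on one line, as in the README;
# requiring "ticket #<n>" in each justification is a hypothetical team policy.

# Print "file:line<TAB>justification" for each unsafe block under directory $1.
list_unsafe() {
    find "$1" -type f -name '*.hk' | sort | while IFS= read -r f; do
        awk -v file="$f" '
            /^[ \t]*\/\// { next }              # skip // comment lines
            match($0, /unsafe\("[^"]*"\)/) {
                # drop the 8-char prefix unsafe(" and the 2-char suffix ")
                printf "%s:%d\t%s\n", file, NR, substr($0, RSTART + 8, RLENGTH - 10)
            }' "$f"
    done
}

# Return 0 only if every justification cites a ticket; print one line per block.
audit_unsafe() {
    report=$(list_unsafe "$1")
    [ -z "$report" ] && return 0
    printf '%s\n' "$report" | awk -F '\t' '
        $2 ~ /ticket #[0-9]+/ { print "OK      " $1 "  " $2; next }
        { print "REJECT  " $1 "  " ($2 == "" ? "<empty>" : $2); bad = 1 }
        END { exit bad }'
}

# Constructed sample project (not taken from any real repository).
demo=$(mktemp -d)
mkdir -p "$demo/src/network"
cat > "$demo/src/main.hk" <<'EOF'
val bucket = S3.createSecureBucket("app-data")
val public = unsafe("APPROVED: Public website assets - ticket #402") {
    S3.createPublicBucket("website")
}
EOF
cat > "$demo/src/network/vpc.hk" <<'EOF'
// unsafe("commented out, ignored") {
val logs = unsafe("temporary") {
    S3.createPublicBucket("logs")
}
EOF
audit_unsafe "$demo/src" || echo "audit failed: unsafe block without a ticket reference"
```

Run against the real `src/` directory before `horkos compile` in CI, the non-zero exit status blocks a merge until the justification is fixed.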

Quick Start

# Install
cargo install horkos

# Create a new project
horkos init my-infra
cd my-infra

# Compile to Terraform (finds src/main.hk automatically)
horkos compile

# Apply with Terraform
cd terraform && terraform apply

Project Structure

my-infra/
├── src/
│   ├── main.hk              # Entry point (convention)
│   └── network/
│       └── vpc.hk           # Importable module
└── terraform/               # Generated output
    ├── main.tf              # Provider config
    ├── resources.tf         # From src/main.hk
    └── network/
        └── vpc.tf           # From src/network/vpc.hk

Multi-File Example

// src/network/vpc.hk
val mainVpc = Network.createVpc("main", cidr: "10.0.0.0/16")

// src/main.hk
import "./network/vpc.hk" as network

val sg = Network.createSecurityGroup(vpc: network.mainVpc, name: "web")
val bucket = S3.createSecureBucket("app-data")

$ horkos compile

Discovering project in /my-infra
  Found 2 file(s)
    src/network/vpc.hk
    src/main.hk
Compiling src/network/vpc.hk
Compiling src/main.hk

Wrote 3 file(s):
    main.tf
    network/vpc.tf
    resources.tf

Why Horkos?

| Problem            | Other Tools               | Horkos                       |
|--------------------|---------------------------|------------------------------|
| Security           | Opt-in (easy to forget)   | Enforced (can't forget)      |
| When errors caught | CI/runtime (too late)     | Compile time (before commit) |
| Type safety        | None or unsound           | Full type checking           |
| Legacy code        | Trust it blindly          | Marked as Unverified<T>      |
| Cross-file types   | N/A                       | Shared across imports        |

Current Status

v0.1.0 (unreleased) - Core compiler complete

✅ S3, VPC, Subnets, Security Groups
✅ Taint tracking with Unverified<T>
✅ unsafe blocks with mandatory justifications
✅ Multi-file projects with cross-file type sharing
✅ Per-file Terraform output
✅ Rich error messages with error codes
✅ 76 tests passing

Coming in v0.2.0:

  • AWS introspection (scan live accounts)
  • Blast radius analysis
  • More resources

License

MIT OR Apache-2.0 (dual licensed, like Rust)

Origin

In Greek mythology, Horkos punished oath-breakers swiftly. Here, your infrastructure declarations are oaths—break them and the compiler stops you.