Horkos
If it's insecure, it won't compile.
A type-safe language for Terraform where insecure code won't compile.
Why Horkos?
Terraform lets you build anything. Including mistakes.
| Problem | Terraform | Horkos |
|---|---|---|
| Security | Opt-in | Enforced |
| Errors caught | CI/runtime | Compile time |
| AI-generated code | Compiles even if insecure | Fails until secure |
| Audit trail | Comments (maybe) | unsafe blocks |
How It Works
// One line. Secure by default.
val bucket = S3.createBucket("data")
Compiles to 5 Terraform resources: bucket, versioning, encryption, public access block, logging.
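To make that expansion concrete, the following is an added sketch (not Horkos compiler output and not code from the project) of what those five resources look like when written by hand for AWS Provider 5.x. The resource labels, the `AES256` algorithm, the `data-logs` target bucket and the log prefix are assumptions made for illustration.

```hcl
# Added illustration, not Horkos compiler output.
# Assumptions: resource labels, AES256, and a pre-existing "data-logs" bucket.

# 1. The bucket itself
resource "aws_s3_bucket" "data" {
  bucket = "data"
}

# 2. Versioning, so overwritten or deleted objects can be recovered
resource "aws_s3_bucket_versioning" "data" {
  bucket = aws_s3_bucket.data.id
  versioning_configuration {
    status = "Enabled"
  }
}

# 3. Default encryption at rest (algorithm choice is an assumption)
resource "aws_s3_bucket_server_side_encryption_configuration" "data" {
  bucket = aws_s3_bucket.data.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "AES256"
    }
  }
}

# 4. Public access block: all four switches on
resource "aws_s3_bucket_public_access_block" "data" {
  bucket                  = aws_s3_bucket.data.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# 5. Server access logging to a separate bucket (assumed to exist already)
resource "aws_s3_bucket_logging" "data" {
  bucket        = aws_s3_bucket.data.id
  target_bucket = "data-logs"
  target_prefix = "s3-access/data/"
}
```

In plain Terraform only the first block is required for `terraform apply` to succeed; the other four are the opt-in controls that the comparison table above lists as enforced.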
// Weakening security? Explain yourself.
val public = unsafe("Static website - ticket #402") {
  S3.createBucket("www", publicAccess: true)
}
If it compiles, it's secure.
Get Started
# Install
# Write
# Compile
Or try it in your browser at horkos.cloud.
Homebrew
npm
Docker
Binary
Download from GitHub Releases.
Verify Downloads
All releases include checksums and Sigstore signatures:
# Verify checksum
# Verify signature (requires cosign)
What's Supported
Resources: S3, VPC, Subnets, Security Groups, Internet Gateway, CloudWatch, RDS
Language:
- Type-safe resource creation
- unsafe blocks with mandatory justification
- Taint tracking (Unverified<T>) for imported Terraform
- Conditionals, list methods, string methods
- Compile-time assert()
Terraform: >= 1.5.0 with AWS Provider >= 5.0, < 6.0
See ROADMAP for planned features.
Documentation
- User Guide - Language reference
- Architecture - Compiler internals
- Contributing - Development setup
Security
Report vulnerabilities to security@horkos.cloud. See SECURITY.md.
License
MIT OR Apache-2.0
In Greek mythology, Horkos punished oath-breakers. Here, your infrastructure declarations are oaths.