Skip to content

StanleyXie/silo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

74 Commits
.github/workflows
.github/workflows
 
 
Formula
Formula
 
 
certs
certs
 
 
docs/images
docs/images
 
 
infra
infra
 
 
proto
proto
 
 
scripts
scripts
 
 
src
src
 
 
templates
templates
 
 
terraform_test
terraform_test
 
 
tests/complex_module
tests/complex_module
 
 
.gitignore
.gitignore
 
 
.gitleaks.toml
.gitleaks.toml
 
 
Cargo.toml
Cargo.toml
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
backend_override.tf
backend_override.tf
 
 
build.rs
build.rs
 
 
cleanup.sh
cleanup.sh
 
 
main_encrypted.tf.template
main_encrypted.tf.template
 
 
quickstart.sh
quickstart.sh
 
 
release.tar.gz
release.tar.gz
 
 
run_demo.sh
run_demo.sh
 
 
run_tofu_demo.sh
run_tofu_demo.sh
 
 
run_tofu_encrypted_demo.sh
run_tofu_encrypted_demo.sh
 
 
silo.yaml
silo.yaml
 
 

Repository files navigation

Silo Logo

Silo: Secure Terraform State Gateway

Silo is a secure, mTLS-enabled gateway for Terraform/OpenTofu state, built on top of Pingora. It provides centralized governance, locking, and atomic state protection for infrastructure-as-code.

Quickstart

The fastest way to experience Silo is to use the quickstart script. This will start a local Vault dev server, launch Silo, and prepare a Terraform project for you.

# Clone the repository
git clone https://github.com/StanleyXie/silo.git
cd silo

# Run the quickstart
./quickstart.sh

Features

  • mTLS by Default: Automatic certificate generation and enforcement for all clients.
  • Identity-Based Authorization: RBAC for your Terraform states based on client certificate Common Names.
  • Pluggable Storage: Support for Vault (production) and Etcd (distributed) backends.
  • Atomic Writes: Native support for Check-And-Set (CAS) to prevent state corruption.
  • Observability: Prometheus metrics and structured transactional logging.

Installation (macOS)

brew install StanleyXie/tap/silo

Local Testing

You can run the full test matrix to validate your local environment:

bash scripts/test_matrix.sh

License

MIT

About

A terraform stack runs in silo which could suvive in doomsday

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 31

v0.3.27 Latest
Feb 6, 2026
+ 30 releases

Packages

 
 
 

Contributors

Languages