Simplify AWS IAM and scale security
without overloading experts

Control access to AWS APIs and your data with simple automation and access audits built for DevOps. Today.

Helping cloud teams scale AWS IAM security at:

Continuous Security with k9

IAM is hard on your own

Unexpected IAM admins and unused IAM principals.

Access gaps to critical data and keys.

Not being able to confirm you actually fixed IAM by verifying expected access.

Complicated and slow processes interfering with continuous delivery.

Wanting to achieve least privilege but don’t know how.

Overloaded experts.

IAM simplified & scaled

Find all IAM admins in less than one minute.

Secure data with policies generated by k9’s usable infrastructure automation libraries.

Test all of your AWS security policies, even in production.

Scale identity management with simple processes that continuously eliminate excess IAM permissions.

Declare least privilege access to data quickly and correctly.

No Overloaded Experts.

The simplest & most scalable way of managing AWS IAM permissions.


IAM users & roles

Buckets, Keys, & DBs

Scale up without security slowing you down.

Cloud teams reduce the risk of accidents and data breaches with k9’s usable security automation and IAM access reporting.  Now you can secure IAM at the speed of continuous delivery. .


k9 is built for non-security experts. Your entire team will understand desired & actual access and be able to manage it with tools you already use. Start in less than 30 minutes.

95% less time spent on IAM 



Increase your security easily with usable infrastructure code and expert support. We provide you with step by step processes that eliminate policy guesswork.

Production-ready Terraform & CDK



Audit the access each IAM principal actually has to APIs and data resources whenever you want. Easily integrate with your existing dashboards and tools. 

5 optimized audit processes

Simple Daily Reporting

k9 tells you exactly what AWS permissions allow today and every day.

k9 determines who has access with the AWS IAM simulation APIs nightly. The analysis covers Service Control, IAM, and Resource policies and integrates external access findings from AWS IAM Access Analyzer. Actionable reports are then published to your own S3 Bucket.

This is not a static analysis of IAM policy or summary of yesterday’s CloudTrail events. (k9 reports what IAM users and roles could do with AWS APIs and data.)

Pivot, filter, slice, and dice with tools and data you already use.


Use the Excel format (sample) for quick, interactive analysis.

Review your admins, when they were last used, and their credentials:

k9 Principals View showing whether an IAM principal is an admin and when it was last used.

Know exactly who has access to critical data and encryption keys:

Secure Policy Automation

 Cloud teams find issues by reviewing IAM access using the k9 Security Katas

Specify your intended access  in simple language and let k9 generate a least privilege security policy.

See k9 Security’s Terraform & CDK libraries on GitHub for S3 buckets and KMS encryption keys.

Example: Declare secure bucket policy with k9 Terraform library for AWSS3

Scale Access Management

Streamlined method for finding and fixing excess AWS IAM permissions.

Fewer security policy and automation modifications are required to provision a principal’s access to data resources.

Applicable to 10’s of teams and 100’s of resources.

Pre-built dashboards for Splunk and DataDog.

Supported Services: IAM, STS, KMS, S3, RDS, DynamoDB, Redshift, and more…

(1375+ AWS API Actions)

We wanted to create a truly secure production environment for our customers and prove it with a SOC 2 certification. k9 Security walked us through all the IAM vulnerabilities in our AWS account using their super pragmatic report and helped us fix the issues.  Now we have SOC 2 and least privilege!

Aleks Smechov

Co-Founder & CEO, Wordcab

The quality and depth of expertise demonstrated by k9 Security is unparalleled in the industry.  k9 has helped advise our AWS IAM strategy and guide a successful implementation of secure identity management that eliminates excess IAM permissions.             

Lucas LaFrance

VP of Security, PlanetArt

k9 is a great tool for consultants offering AWS security reviews. Will definitely use this tool when doing the next review of an AWS account. k9 is a great tool for Cloud Security Specialists raising the bar for security within their organization.                                                                                                      

Andreas Wittig

Author, Amazon Web Services in Action

“Do you deal with IAM regularly but still not properly understand it? If so, I highly recommend you check out Effective IAM for AWS. Since I read it, I have a much clearer mental model on how to best define principals and policies for both security and maintainability.”

Paul Swail

Serverless Expert & AWS Consultant, Winter Wind Software

Effective IAM for AWS

Effective IAM book

Learn how to secure AWS with IAM built for continuous delivery.

Contact Us

Please contact us with questions or comments. We’d love to discuss AWS security with you.