k9 Security believes usable and robust infrastructure code libraries are essential in making best practice accessible to application delivery, cloud, and security teams. If every team has to reinvent the automation wheel, you’ll likely end up with an overbudget, inconsistent mess — and maybe a data breach.

k9 wants to handle as much of the security architecture and implementation work for you, so you can focus on building, delivering, and operating applications.

k9 provides several infrastructure code libraries to help you, both in Terraform and now the AWS CDK. All of these libraries are open source and freely available from the k9securityio organization on GitHub.


k9 provides three Terraform modules to help you secure data and identify resources in the Cloud:

S3: The k9 Terraform module for S3 provisions AWS S3 buckets safely with least privilege access and comprehensive tagging using Terraform.

KMS: The k9 Terraform module for KMS provisions AWS KMS encryption keys safely with least privilege access and comprehensive tagging using Terraform.

Context: The k9 Terraform module for context captures the context your team needs to manage, operate, and secure resources in the Cloud (any of them).


The k9-cdk helps AWS Cloud Development Kit users provision strong AWS security policies easily using the AWS CDK. In CDK terms, this library provides Curated (L2) constructs that wrap core CloudFormation resources (L1) to simplify security.

The initial release of k9-cdk helps users generate secure S3 bucket policies in TypeScript. KMS resource policies and support for capturing context are next on the list for development, followed by Python support.

We’d love to hear your what you think about these infrastructure code libraries and learn what you need to Go Fast, Safely.