
How to Run Self-Service EKS at Scale Without Losing Governance | Julian Fischer, anynines | TFiR


Large-scale EKS deployments using the AWS Well-Architected Framework create complex multi-tenant account structures where each tenant requires isolated accounts for application clusters and data services. Giving developers on-demand self-service access across that structure while enforcing centralized governance is an unsolved operational problem for most platform teams. Without a dedicated control plane, provisioning data services into the correct tenant account becomes a manual, error-prone process that breaks at scale.

In this interview on TFiR, Julian Fischer, CEO at anynines, walks through how Klutch is maturing into an enterprise-grade control plane for Kubernetes orchestration and governance, covering the new a9s Hub for AWS, the a9s Hub for on-premises deployments, and how Klutch handles per-tenant data service provisioning automatically.

Guest: Julian Fischer, CEO at anynines
Show: TFiR

Here is what every platform engineer and EKS operator needs to know.

Technical Deep Dive

Q: What is Klutch and what problem does it solve for Kubernetes operators?

Julian Fischer, CEO at anynines, describes Klutch as a central control plane for Kubernetes orchestration and governance. It addresses the core tension platform teams face at scale: enabling developer self-service on-demand while maintaining centralized policy enforcement across many clusters and tenants. Klutch acts as the coordination layer that makes both possible simultaneously.

“If you run a lot of Kubernetes clusters on AWS and you are an EKS user using the Well-Architected Framework, how do you enable your users to get on-demand self-service while providing that central governance using Klutch as a central control plane for orchestration and governance.” — Julian Fischer, CEO, anynines

Q: What is the a9s Hub for AWS and how does it align with the AWS Well-Architected Framework?

The a9s Hub for AWS is a purpose-built configuration of Klutch designed to operate within the account structure prescribed by the AWS Well-Architected Framework. Fischer explains that the Well-Architected Framework defines a specific layout for how AWS accounts are organized, and the Hub is built to operate natively within that structure. This allows large EKS deployments to use Klutch for governance without fighting against the account model AWS recommends.

“The Well-Architected Framework uses a particular layout and how AWS accounts are set out.” — Julian Fischer, CEO, anynines

Q: How does the AWS Well-Architected Framework structure accounts in a multi-tenant EKS deployment?

Fischer describes the Well-Architected Framework pattern as assigning two AWS accounts per tenant: one dedicated EKS account for the application cluster and one separate account for services. With many tenants running across this structure, the total number of accounts grows significantly, and the relationship between application clusters and their corresponding service accounts must be tracked and enforced consistently. This account isolation model is foundational to how the a9s Hub for AWS operates.

“You have per tenant your own EKS account and your own account for services. So you have two accounts per tenant and you have potentially many tenants.” — Julian Fischer, CEO, anynines

Q: How does Klutch provision data services into the correct tenant account automatically?

When a new application cluster is provisioned on EKS, the Klutch client is installed onto that cluster. Fischer explains that once the Klutch client is present, it is able to provision data services directly into the AWS account that corresponds to the correct tenant, rather than requiring manual routing or operator intervention. This automatic account-to-tenant mapping is what makes large-scale self-service provisioning governable.

“When application clusters provision and the Klutch client is installed, it should be able to provision data services in the corresponding account that corresponds to the tenant.” — Julian Fischer, CEO, anynines

Q: What is the a9s Hub for on-premises and what use case does it address?

Alongside the AWS Hub, Fischer confirms anynines is building a Klutch hub for on-premises Kubernetes deployments. While the clip focuses primarily on the AWS architecture, the on-premises Hub represents the second major enterprise use case anynines is targeting as Klutch moves toward enterprise-grade maturity. Organizations running large Kubernetes footprints outside of public cloud will be the primary audience for this offering.

“Building a9s Hub in the two major use cases, which is a9s Hub for AWS and a9s Hub for on premises. That’s basically the idea.” — Julian Fischer, CEO, anynines

Q: What does it mean for Klutch to become enterprise grade and what has changed?

Fischer describes Klutch’s enterprise-grade evolution as a maturation process happening behind the scenes, involving additional integrations and the specific Hub configurations for AWS and on-premises. The core shift is moving from a capable platform into one that handles the large-scale, multi-tenant, governance-heavy use cases that enterprise customers require. The work has been ongoing and is now reaching the point of release-readiness.

“We’ve been building Klutch to maturity, we’ve been adding more integrations. So we are about to take Klutch and add what is necessary to become enterprise grade.” — Julian Fischer, CEO, anynines

Resources & Documentation

  • anynines, company behind Klutch, building enterprise Kubernetes orchestration and governance tooling
  • AWS Well-Architected Framework, AWS reference architecture used as the account structure foundation for the a9s Hub for AWS
  • Amazon EKS, managed Kubernetes service referenced as the primary deployment target for the a9s Hub for AWS

***


Swapnil Bhartiya: Let’s talk about anynines and Klutch. What’s going on with anynines and where is Klutch heading?

Julian Fischer: Well, interesting question. Klutch is maturing. A lot has been happening behind the scenes. We’ve been building Klutch to maturity, we’ve been adding more integrations. So we are about to take Klutch and add what is necessary to become enterprise grade. Which means building a9s Hub in the two major use cases, which is a9s Hub for AWS and a9s Hub for on premises. That’s basically the idea. If you run a lot of Kubernetes clusters, let’s say on AWS, and you are an EKS user using the Well-Architected Framework, how do you enable your users to get on-demand self-service while providing that central governance using Klutch as a central control plane for orchestration and governance. So if you do that, then you will see that the Well-Architected Framework uses a particular layout and how AWS accounts are set out. For example, you have per tenant your own EKS account and your own account for services. So you have two accounts per tenant and you have potentially many tenants. When EKS application clusters provision and the Klutch client is installed, it should be able to provision data services in the corresponding account that corresponds to the tenant. So those are features we’ve been adding behind the scenes, making Klutch applicable to large-scale use cases of the Well-Architected Framework.
