Menu
Amazon Web Services
General Reference (Version 1.0)

AWS Account Identifiers

AWS assigns two unique IDs to each AWS account:

  • An AWS account ID

  • A canonical user ID

The AWS account ID is a 12-digit number, such as 123456789012, that you use to construct Amazon Resource Names (ARNs). When you refer to resources, such as an IAM user or an Amazon Glacier vault, the account ID distinguishes your resources from resources in other AWS accounts.

The canonical user ID is a long string, such as 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be.

You can use canonical user IDs in an Amazon S3 bucket policy for cross-account access, which means an AWS account can access resources in another AWS account. For example, to grant another AWS account access to your bucket, you specify the account's canonical user ID in the bucket's policy. For more information, see Bucket Policy Examples in the Amazon Simple Storage Service Developer Guide.

Finding Your AWS Account ID

You can find the AWS account ID from AWS Management Console. The method that you use to find the account ID depends on how you are logged in to the console.

To view your AWS account ID when signed in as a AWS account root user

  1. Use your AWS account email address and password to sign in to the AWS Management Console as the root user.

    Note

    If you previously signed in to the console with IAM user credentials, your browser might remember this preference and open your account-specific sign-in page. You cannot use the IAM user sign-in page to sign in with your root user credentials. If you see the IAM user sign-in page, choose Sign-in using root account credentials near the bottom of the page to return to the main sign-in page. From there, you can type your AWS account email address and password.

  2. In the top right of the console, choose your account name or number. Then choose My Security Credentials.

  3. If necessary, in the dialog box, choose Continue to Security Credentials. You can choose the box next to Don’t show me this message again to stop the dialog box from appearing in the future.

  4. Expand the Account Identifiers section to view your AWS account ID.

To view your AWS account ID when signed in as a federated user or an IAM user

  1. Sign in to the AWS Management Console as a federated user.

  2. Choose Support in the upper-right corner of the console and choose Support Center. If necessary, in the dialog box, choose Continue to Security Credentials. You can select the box next to Don’t show me this message again to stop the dialog box from appearing in the future.

  3. Your AWS account ID appears in the upper right. The account ID for an AWS account is the same for the account root user and its IAM users. For more information, see Your AWS Account ID and Its Alias.

Finding Your Account Canonical User ID

To view your AWS account canonical user ID from the AWS Management Console or using the AWS API, you must be logged in as the AWS account root user. To learn about the differences between AWS account root user credentials and IAM user credentials, see AWS Account Root User Credentials vs. IAM User Credentials.

To view your canonical user ID (console)

  1. Sign in as the root user using your AWS account email address and password.

    Important

    If you are signed in to the AWS Management Console with IAM user credentials, you must sign out and then sign in as the root user. If you see the account-specific IAM user sign-in page, choose Sign-in using root account credentials near the bottom of the page to return to the main sign-in page. From there, you can type your AWS account email address and password to sign in as the root user.

  2. In the top right of the console, choose your account name or number. Then choose My Security Credentials.

  3. If necessary, in the dialog box, choose Continue to Security Credentials. You can choose the box next to Don’t show me this message again to stop the dialog box from appearing in the future.

  4. Expand the Account Identifiers section to view your canonical user ID.

    Note

    If you do not see the Account Identifiers section, then you are not signed in as the root user. Return to Step 1 above. If you do not have access to the root user credentials, contact your AWS account administrator and ask them to retrieve the canonical user ID.

You can also use the Amazon S3 ListBuckets API to return the canonical user ID. For more information, see GET Service Response Elements in the Amazon Simple Storage Service API Reference.