Menu
Amazon Web Services
General Reference (Version 1.0)

AWS Account Identifiers

AWS assigns two unique IDs to each AWS account:

  • An AWS account ID

  • A canonical user ID

The AWS account ID is a 12-digit number, such as 123456789012, that you use to construct Amazon Resource Names (ARNs). When you refer to resources, such as an IAM user or an Amazon Glacier vault, the account ID distinguishes your resources from resources in other AWS accounts.

The canonical user ID is a long string, such as 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be.

You can use canonical user IDs in an Amazon S3 bucket policy for cross-account access, which means an AWS account can access resources in another AWS account. For example, to grant another AWS account access to your bucket, you specify the account's canonical user ID in the bucket's policy. For more information, see Bucket Policy Examples in the Amazon Simple Storage Service Developer Guide.

Finding Your AWS Account ID

You can find the AWS account ID from AWS Management Console. The method that you use to find the account ID depends on how you are logged into the console.

To view your AWS account ID when signed in as a root account user

  1. Use your AWS account email address and password to sign in to the AWS Management Console.

    If you previously signed in to the console with IAM user credentials, your browser might open your IAM user sign-in page. You can't use the IAM user sign-in page to sign in with your AWS account credentials. Instead, choose Sign-in using root account credentials to go to the AWS account sign-in page.

  2. In the top right of the console, choose your account name or number. Then choose My Security Credentials.

  3. If necessary, in the dialog box, choose Continue to Security Credentials. You can choose the box next to Don’t show me this message again to stop the dialog box from appearing in the future.

  4. Expand the Account Identifiers section to view your AWS account ID.

To view your AWS account ID when signed in as a federated user

  1. Sign in to the AWS Management Console as a federated user.

  2. Select Support in the upper right corner of the console and choose Support Center.If necessary, in the dialog box, choose Continue to Security Credentials. You can choose the box next to Don’t show me this message again to stop the dialog box from appearing in the future.

  3. Your AWS account ID appears in the upper right. The account ID for an AWS account is the same for the root account and its IAM users. For more information, see Your AWS Account ID and Its Alias.

Finding Your Account Canonical User ID

To view your AWS account canonical user ID from the AWS Management Console or using the AWS API, you must be logged in as the root account user.

To view your canonical user ID (console)

  1. Use your AWS account email address and password to sign in to the AWS Management Console.

    If you previously signed in to the console with IAM user credentials, your browser might open your IAM user sign-in page. You can't use the IAM user sign-in page to sign in with your AWS account credentials. Instead, choose Sign-in using root account credentials to go to the AWS account sign-in page.

  2. In the top right of the console, choose your account name or number. Then choose My Security Credentials.

  3. If necessary, in the dialog box, choose Continue to Security Credentials. You can choose the box next to Don’t show me this message again to stop the dialog box from appearing in the future.

  4. Expand the Account Identifiers section to view your canonical user ID.

You can also use the Amazon S3 ListBuckets API to return the canonical user ID. For more information, see GET Service Response Elements in the Amazon Simple Storage Service API Reference.