Your AWS account identifiers - AWS General Reference

Your AWS account identifiers

AWS assigns the following unique identifiers to each AWS account:

AWS account ID

A 12-digit number, such as 123456789012, that uniquely identifies an AWS account. Many AWS resources include the account ID in their Amazon Resource Names (ARNs). The account ID portion distinguishes resources in one account from the resources in another account. If you are an IAM user, you can sign in to the AWS Management Console using either the account ID or account alias.

Canonical user ID

An alpha-numeric identifier, such as 79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be, that is an obfuscated form of the AWS account ID. You can use this ID to identify an AWS account when granting cross-account access to buckets and objects using Amazon S3. You can retrieve the canonical user ID for your AWS account as either the root user or an IAM user.

You must be authenticated with AWS to view these identifiers.

Warning

Do not provide your AWS credentials to a third party that needs your AWS account identifiers to share AWS resources with you. Doing so would give them the same access to the AWS account that you have.

Finding your AWS account ID

You can find the AWS account ID in the AWS Management Console. The location of the account ID in the console depends on whether you are logged in as the root user or an IAM user. The account ID is the same whether you are logged in as the root user or an IAM user.

Prerequisite

You must be signed in to the AWS Management Console. For more information, see Signing in to the AWS Management Console in the IAM User Guide.

To find your AWS account ID when signed in as the root user

  1. In the navigation bar on the upper right, choose your account name or number and then choose My Security Credentials.

  2. Expand the Account identifiers section. The account number appears next to the label AWS Account ID.

To find your AWS account ID when signed in as an IAM user

  1. In the navigation bar on the upper right, choose your user name and then choose My Security Credentials.

    Tip

    If you do not see the My Security Credentials page, you might be signed in as a federated user, not an IAM user.

  2. At the top of the page, under Account details, the account number appears next to the label AWS account ID.

To find your AWS account ID using the AWS CLI

Use the get-caller-identity command as follows:

aws sts get-caller-identity --query Account --output text

Finding the canonical user ID for your AWS account

You can find the canonical user ID for your AWS account using the AWS Management Console or the AWS CLI. The canonical user ID for an AWS account is specific to that account. You can retrieve the canonical user ID for your AWS account as the root user, a federated user, or an IAM user.

Prerequisites

You must have permission to list and view an Amazon S3 bucket if you are a federated user or are accessing the information programmatically, such as through the AWS CLI.

To find the canonical user ID for your account when signed in to the console as the root user or an IAM user

  1. Sign in to the AWS Management Console as the root user or an IAM user.

    For more information, see Signing in to the AWS Management Console in the IAM User Guide.

  2. In the navigation bar on the upper right, choose your account name or number and then choose My Security Credentials.

  3. If you are the root user, expand Account identifiers and find Canonical User ID.

    If you are an IAM user, under Account details, find Account canonical user ID.

To find the canonical user ID for your account when signed in to the console as a federated user

  1. Sign in to the AWS Management Console as a federated user.

    For more information, see Signing in to the AWS Management Console in the IAM User Guide.

  2. In the Amazon S3 console, to view details about a bucket, choose a bucket name.

  3. Choose Permissions, and then choose Access Control List.

    At the top of the page, under Access for bucket owner, the canonical user ID for the AWS account appears.

To find the canonical user ID using the AWS CLI

Use the list-buckets command as follows:

aws s3api list-buckets --query Owner.ID --output text