AWS Powershell to retrieve AWS account number

Question

Does anyone know how to get AWS account number using AWS Powershell? Doesn't look like there's an API available for that.

score 12 · Answer 1 · edited Oct 08 '21 at 07:28

12

Nice and simple

(Get-STSCallerIdentity).Account

...or

(Get-STSCallerIdentity -Region [your_aws_region]).Account

edited Oct 08 '21 at 07:28

Ayo I

7,722
5
30
40

answered Nov 19 '19 at 13:58

Kappacake

1,826
19
38

IMHO, this is a better answer. – Nick Cipollina Jun 04 '21 at 00:26
This is the right answer. You can get a list of accounts in your organization with Get-ORGAccountList – corretge Dec 14 '22 at 07:23

score 11 · Accepted Answer · answered Jun 05 '15 at 01:18

11

Not directly. However, your Account ID is a part of the Arn of resources that you create... and those that are automatically created for you. Some resources will also list you as an OwnerId.

The Default Security Group is automatically created for you in each region, and cannot be deleted. This makes it a reliable candidate for retrieving our account Id.

Example:

PS C:/> $accountId = @(get-ec2securitygroup -GroupNames "default")[0].OwnerId

PS C:/> $accountId
000011112222

answered Jun 05 '15 at 01:18

Anthony Neace

25,013
7
114
129

2

Great answer above, thanks. I noticed that you can get the account alias which in my case was what I needed. To do so use Get-IamAccountAlias – CarlR Jun 30 '15 at 12:31

score 1 · Answer 3 · answered Mar 08 '18 at 00:22

I was unable to comment on the other provided answer, so I'll have to offer my own solution as a slight modification.

I do believe the OwnerId on all groups will be the Account Id. However you may not have a "default" group. I recommend leaving out the -GroupNames "default". Also, I'm showing my example using a SAML token, as that is our case coming in with AD authorization.

$awsAccountNumber = (get-ec2securitygroup -ProfileName saml -Region us-west-2)[0].OwnerId

Hopefully that will be of some use.

score 1 · Answer 4 · answered Aug 20 '19 at 12:27

I use Get-STSCallerIdentity.

Here is a code snippet that I use:

    foreach ($ProfileName in $Profiles){
    if ($ProfileName -match 'gov') { 
        Initialize-AWSDefaultConfiguration -ProfileName $ProfileName -Region us-gov-east-1
        $STSCallerIdentity = Get-STSCallerIdentity
    }
    else { 
        Initialize-AWSDefaultConfiguration -ProfileName $ProfileName -Region us-east-1 
        $STSCallerIdentity = Get-STSCallerIdentity
    }

AWS Powershell to retrieve AWS account number

4 Answers4

Linked