Guides - Find the Canonical User ID for an Account
An S3-compatible object storage solution designed to store, manage, and access unstructured data in the cloud.
Each Object Storage account is given its own canonical user ID, which can be used to identify a specific account or share resources between accounts. This ID consists of a long string of letters, dashes, and numbers, such as
NoteEach Linode account has a single canonical ID within Object Storage, which means that all users and Object Storage API keys on an account share the same canonical ID.
To retrieve the canonical user ID of an account, choose one of the methods outlined below.
The S3cmd utility can be used to retrieve the canonical ID by running the
info command below, replacing [bucket-label] with the label of the bucket.
s3cmd info s3://[bucket-label]
NoteS3cmd must be configured to use the Access Key of the account to which the bucket belongs.
Within the output, find an ACL that has the FULL_CONTROL permission and looks similar to the string shown in the example below.
s3://example-bucket/ (bucket): Location: default Payer: BucketOwner Expiration Rule: none Policy: none CORS: none ACL: a0000000-000a-0000-0000-00d0ff0f0000: FULL_CONTROL
If you see none as the ACL, it may indicate that your s3cmd is configured with a different region than the bucket is located within. See the Additional Configuration Options of our s3cmd guide to learn how to manually edit the s3cmd configuration.
To retrieve the canonical id of your account within the AWS CLI, run the following command, replacing [bucket-url] with the URL of the bucket. See Bucket URLs for instructions on formatting your bucket URL.
aws s3api list-buckets --query Owner.ID --output text --endpoint=[bucket-url]
NoteThe AWS CLI must be configured to use the Access Key of the account to which the bucket belongs.
Alternatively, you may be able to retrieve the canonical ID by curling a bucket and retrieving the Owner ID field from the returned XML. This method is an option when both of these conditions are true:
- The bucket has objects within it and has already been set to public (with a command like
s3cmd setacl s3://other-users-bucket --acl-public).
- The bucket has not been set to serve static websites.
Run the following curl command, replacing [bucket-url] with the URL of the bucket (ex:
Bucket URLs for instructions on formatting your bucket URL.
Within the output, the canonical ID is displayed within the
<Owner><ID> property. In the example output below, the ID is
... <Owner> <ID>a0000000-000a-0000-0000-00d0ff0f0000</ID> <DisplayName>a0000000-000a-0000-0000-00d0ff0f0000</DisplayName> </Owner> ...
This page was originally published on