Now even an IAM user can view the canonical user id, using AWS console – My Security Credentials. Has there been a change – earlier an IAM user had to resort to using CLI and list-buckets.
There’s a good explanation of how and who can view the canonical ID here:
The canonical user ID is an identifier for your account. Because this identifier is used by Amazon S3, only this service provides IAM users with access to the canonical user ID. You can also view the canonical user ID for your account from the AWS Management Console while signed in as the AWS account root user.
To use the the AWS API or AWS CLI to view the canonical user ID, the IAM user must have permissions to perform the s3:ListAllMyBuckets action.
hope this helps