If you just want to find the owner of the Access Key ID, a more straightforward trick is just to use AWS CLI with the key id and key to access a random AWS service. AWS CLI will throw an Access Denied error which has full details of the owner info of the Access Key as shown below:
$ aws iam get-user
An error occurred (AccessDenied) when calling the GetUser operation:
User: arn:aws:iam::xxxxxxx:user/xxxx is not authorized to perform:
iam:GetUser on resource: user xxxxx
From the error message, you will have the account id, the user name.
If the user has permission to access IAM, you will get the full details of the user as below:
{
"User": {
"Path": "/",
"UserName": "xxx",
"UserId": "xxx",
"Arn": "arn:aws:iam::75xxx:user/xxx",
"CreateDate": "2019-09-10T07:10:26+00:00",
"PasswordLastUsed": "2020-05-26T07:51:50+00:00"
}
}
Update
A new command provided by AWS is here:
$ aws sts get-caller-identity
{
"UserId": "AIDASYJLxxxxx",
"Account": "18xxxxxxxxxx",
"Arn": "arn:aws:iam::18xxxxxxxxx:user/xxxxxxx"
}
$ aws sts get-caller-identity { "UserId": "1234456789:john.doe", "Account": "1234456789", "Arn": "arn:aws:sts::1234456789:federated-user/john.doe" }
– Kyle Bridenstine