diff --git a/monkey/common/cloud/aws_instance.py b/monkey/common/cloud/aws_instance.py
index b8405b189..0731c7b92 100644
--- a/monkey/common/cloud/aws_instance.py
+++ b/monkey/common/cloud/aws_instance.py
@@ -1,25 +1,39 @@
+import json
 import re
 import urllib2
 
 __author__ = 'itay.mizeretz'
 
+AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS = "169.254.169.254"
+AWS_LATEST_METADATA_URI_PREFIX = 'http://{0}/latest/'.format(AWS_INSTANCE_METADATA_LOCAL_IP_ADDRESS)
+ACCOUNT_ID_KEY = "accountId"
+
 
 class AwsInstance(object):
     """
     Class which gives useful information about the current instance you're on.
     """
+
     def __init__(self):
         try:
-            self.instance_id = urllib2.urlopen('http://169.254.169.254/latest/meta-data/instance-id', timeout=2).read()
+            self.instance_id = urllib2.urlopen(
+                AWS_LATEST_METADATA_URI_PREFIX + 'meta-data/instance-id', timeout=2).read()
             self.region = self._parse_region(
-                urllib2.urlopen('http://169.254.169.254/latest/meta-data/placement/availability-zone').read())
+                urllib2.urlopen(AWS_LATEST_METADATA_URI_PREFIX + 'meta-data/placement/availability-zone').read())
         except urllib2.URLError:
             self.instance_id = None
             self.region = None
+        try:
+            self.account_id = self._extract_account_id(
+                urllib2.urlopen(
+                    AWS_LATEST_METADATA_URI_PREFIX + 'dynamic/instance-identity/document', timeout=2).read())
+        except urllib2.URLError:
+            self.account_id = None
 
     @staticmethod
     def _parse_region(region_url_response):
-        # For a list of regions: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
+        # For a list of regions, see:
+        # https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
         # This regex will find any AWS region format string in the response.
         re_phrase = r'((?:us|eu|ap|ca|cn|sa)-[a-z]*-[0-9])'
         finding = re.findall(re_phrase, region_url_response, re.IGNORECASE)
@@ -36,3 +50,10 @@ class AwsInstance(object):
 
     def is_aws_instance(self):
         return self.instance_id is not None
+
+    @staticmethod
+    def _extract_account_id(instance_identity_document_response):
+        return json.loads(instance_identity_document_response)[ACCOUNT_ID_KEY]
+
+    def get_account_id(self):
+        return self.account_id
diff --git a/monkey/monkey_island/cc/resources/aws_exporter.py b/monkey/monkey_island/cc/resources/aws_exporter.py
index 2ec2f25dd..a0c080403 100644
--- a/monkey/monkey_island/cc/resources/aws_exporter.py
+++ b/monkey/monkey_island/cc/resources/aws_exporter.py
@@ -86,6 +86,10 @@ class AWSExporter(Exporter):
         product_arn = 'arn:aws:securityhub:{region}:{arn}'.format(region=region, arn=configured_product_arn)
         instance_arn = 'arn:aws:ec2:' + str(region) + ':instance:{instance_id}'
         account_id = AWSExporter._get_aws_keys().get('aws_account_id', '')
+        if account_id is '':
+            logger.debug("aws account id not manually configured - acquiring via AwsInstance")
+            account_id = AwsInstance().get_account_id()
+            logger.debug("aws account id acquired: {}".format(account_id))
 
         finding = {
             "SchemaVersion": "2018-10-08",
@@ -119,10 +123,10 @@ class AWSExporter(Exporter):
             else:
                 return False
         except UnknownServiceError as e:
-            logger.warning('AWS exporter called but AWS-CLI securityhub service is not installed')
+            logger.warning('AWS exporter called but AWS-CLI securityhub service is not installed. Error: ' + e.message)
             return False
         except Exception as e:
-            logger.exception('AWS security hub findings failed to send.')
+            logger.exception('AWS security hub findings failed to send. Error: ' + e.message)
             return False
 
     @staticmethod
diff --git a/monkey/monkey_island/cc/services/config_schema.py b/monkey/monkey_island/cc/services/config_schema.py
index 8d99540bf..ac662c6c2 100644
--- a/monkey/monkey_island/cc/services/config_schema.py
+++ b/monkey/monkey_island/cc/services/config_schema.py
@@ -651,19 +651,7 @@ SCHEMA = {
                         'aws_account_id': {
                             'title': 'AWS account ID',
                             'type': 'string',
-                            'description': 'Your AWS account ID that is subscribed to security hub feeds',
-                            'default': ''
-                        },
-                        'aws_access_key_id': {
-                            'title': 'AWS access key ID',
-                            'type': 'string',
-                            'description': 'Your AWS public access key ID, can be found in the IAM user interface in the AWS console.',
-                            'default': ''
-                        },
-                        'aws_secret_access_key': {
-                            'title': 'AWS secret access key',
-                            'type': 'string',
-                            'description': 'Your AWS secret access key id, you can get this after creating a public access key in the console.',
+                            'description': 'Your AWS account ID that is subscribed to security hub feeds. If left empty, the island will try to automatically acquire this via the AWS metadata service.',
                             'default': ''
                         }
                     }