From 7a79dedb79cf1d614c9e81b8f0c15e4f8d0e7419 Mon Sep 17 00:00:00 2001
From: Akash Philip <>
Date: Fri, 2 Mar 2018 00:00:14 +0530
Subject: [PATCH 1/3] fixing changes for MFA

---
 architecture/create-benchmark-rules.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/architecture/create-benchmark-rules.yaml b/architecture/create-benchmark-rules.yaml
index 3eb434e..8fcd71f 100644
--- a/architecture/create-benchmark-rules.yaml
+++ b/architecture/create-benchmark-rules.yaml
@@ -265,7 +265,7 @@
                 # Determine whether the root account uses hardware-based MFA.
                 mfa_devices = client.list_virtual_mfa_devices()['VirtualMFADevices']
                 for mfa_device in mfa_devices:
-                    if not 'SerialNumber' in mfa_device:
+                    if 'User' in mfa_device and not mfa_device['User']['Arn'].endswith('mfa/root-account-mfa-device'):
                         is_compliant = is_compliant and True
                     else:
                         is_compliant = is_compliant and False

From 796f0ac6b2e318471ba77c7809e3a8662fe99ffd Mon Sep 17 00:00:00 2001
From: Akash Philip <>
Date: Fri, 2 Mar 2018 00:42:09 +0530
Subject: [PATCH 2/3] fixing the empty annotation issue

---
 architecture/create-benchmark-rules.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/architecture/create-benchmark-rules.yaml b/architecture/create-benchmark-rules.yaml
index 8fcd71f..f2a09c7 100644
--- a/architecture/create-benchmark-rules.yaml
+++ b/architecture/create-benchmark-rules.yaml
@@ -295,7 +295,7 @@
                             'ComplianceResourceType': 'AWS::::Account',
                             'ComplianceResourceId': 'Root',
                             'ComplianceType': 'COMPLIANT' if is_compliant else 'NON_COMPLIANT',
-                            'Annotation': annotation,
+                            'Annotation': annotation+"<--Results",
                             'OrderingTimestamp': datetime.datetime.now(),
                         },
                     ],

From f445fab4cad4c5f36ed54ca08987813d9e58faab Mon Sep 17 00:00:00 2001
From: Akash Philip <>
Date: Fri, 2 Mar 2018 00:47:25 +0530
Subject: [PATCH 3/3] fixing the empty annotation issue

---
 architecture/create-benchmark-rules.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/architecture/create-benchmark-rules.yaml b/architecture/create-benchmark-rules.yaml
index f2a09c7..3d438cc 100644
--- a/architecture/create-benchmark-rules.yaml
+++ b/architecture/create-benchmark-rules.yaml
@@ -295,7 +295,7 @@
                             'ComplianceResourceType': 'AWS::::Account',
                             'ComplianceResourceId': 'Root',
                             'ComplianceType': 'COMPLIANT' if is_compliant else 'NON_COMPLIANT',
-                            'Annotation': annotation+"<--Results",
+                            'Annotation': annotation+"EvaluationComplete",
                             'OrderingTimestamp': datetime.datetime.now(),
                         },
                     ],