Cisco Bug: CSCvs72114 - Config compliance for EPG raises Verified event if the corresponding EPG doesn't have an attribute
Sep 29, 2020
- Cisco Network Assurance Engine
Known Affected Releases
Symptom: Config compliance for EPGs checks, if certain attributes are set to some expected values for a group of EPGs. These attributes currently are the QoS flag, Preferred Group membership and Intra EPG isolation. The Intra EPG isolation attributes however only exists for AppEPGs. When a requirement with this attributes is checked for other types of EPGs it is considered as enforced, hence it will trigger an enforcement event if no other violations are present. However, the event will only list attributes that actually exist on the UI. As a cornercase, where the intra epg isolation attribute is the only attribute that's set in the requirement, the corresponding enforcement event will thus be empty. Conditions: This issue occurs when the EPG selector of a Config Compliance Requirement is also selecting EPGs that are not of type AppEPG and the requirement defines a check for the Intra-EPG Isolation attribute.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases