diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md
index ded57becb46..bf57cd119e5 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/documentation/devices/mac-security-eth-po-entropy.md
@@ -147,7 +147,7 @@ FIPS restrictions enabled.
 ###### Keys
 
 | Key ID | Fallback |
-| ------ |  -------- |
+| ------ | -------- |
 | 1234a | - |
 | 1234c | True |
 
@@ -168,9 +168,23 @@ FIPS restrictions enabled.
 ###### Keys
 
 | Key ID | Fallback |
-| ------ |  -------- |
+| ------ | -------- |
 | 1234b | - |
 
+##### Profile A3
+
+###### Settings
+
+| Cipher | Key-Server Priority | Rekey-Period | SCI |
+| ------ | ------------------- | ------------ | --- |
+| aes256-gcm-xpn | - | - | - |
+
+###### Keys
+
+| Key ID | Fallback |
+| ------ | -------- |
+| ab | False |
+
 ### MACsec Device Configuration
 
 ```eos
@@ -189,4 +203,7 @@ mac security
       l2-protocol lldp bypass unauthorized
    profile A2
       key 1234b 7 <removed>
+   profile A3
+      cipher aes256-gcm-xpn
+      key ab 7 <removed>
 ```
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg
index 60ce3186c24..4837b26d1c8 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/mac-security-eth-po-entropy.cfg
@@ -16,6 +16,9 @@ mac security
       l2-protocol lldp bypass unauthorized
    profile A2
       key 1234b 7 12485744465E5A53
+   profile A3
+      cipher aes256-gcm-xpn
+      key ab 7 10195F4C5144405A
 !
 hostname mac-security-eth-po-entropy
 !
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml
index 79976efbac2..07fd8260053 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/mac-security-eth-po-entropy.yml
@@ -24,6 +24,12 @@ mac_security:
       connection_keys:
         - id: 1234b
           encrypted_key: 12485744465E5A53
+    - name: A3
+      cipher: aes256-gcm-xpn
+      connection_keys:
+        - id: ab
+          encrypted_key: 10195F4C5144405A
+          fallback: false
 
 ### Mgmt sec
 management_security:
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen_deprecated_vars/documentation/devices/host1.md b/ansible_collections/arista/avd/molecule/eos_cli_config_gen_deprecated_vars/documentation/devices/host1.md
index 5a170294bc6..1b6d09f1b45 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen_deprecated_vars/documentation/devices/host1.md
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen_deprecated_vars/documentation/devices/host1.md
@@ -1640,7 +1640,7 @@ FIPS restrictions enabled.
 ###### Keys
 
 | Key ID | Fallback |
-| ------ |  -------- |
+| ------ | -------- |
 | 1234b | - |
 
 ### MACsec Device Configuration
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/mac-security.j2 b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/mac-security.j2
index d30e4619e5e..bf9a5b23bc0 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/mac-security.j2
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/documentation/mac-security.j2
@@ -40,7 +40,7 @@ FIPS restrictions enabled.
 ###### Keys
 
 | Key ID | Fallback |
-| ------ |  -------- |
+| ------ | -------- |
 {%                 for connection_key in profile.connection_keys | arista.avd.natural_sort('id') %}
 {%                     if connection_key.encrypted_key is arista.avd.defined %}
 {%                         set fallback = connection_key.fallback | arista.avd.default('-') %}
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/mac-security.j2 b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/mac-security.j2
index ec95e6d04e3..87c00e018a5 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/mac-security.j2
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/templates/eos/mac-security.j2
@@ -22,7 +22,7 @@ mac security
 {%         for connection_key in profile.connection_keys | arista.avd.natural_sort('id') %}
 {%             if connection_key.encrypted_key is arista.avd.defined %}
 {%                 set key_cli = "key " ~ connection_key.id ~ " 7 " ~ connection_key.encrypted_key | arista.avd.hide_passwords(hide_passwords) %}
-{%                 if connection_key.fallback is arista.avd.defined %}
+{%                 if connection_key.fallback is arista.avd.defined(true) %}
 {%                     set key_cli = key_cli ~ " fallback" %}
 {%                 endif %}
       {{ key_cli }}