Terraform
CrowdStrike provides a Terraform provider for managing Falcon platform resources and a set of modules for cloud account registration and sensor deployment. Use declarative configuration to enforce security posture, register cloud accounts, and deploy sensors at scale.
Provider
The CrowdStrike Terraform provider manages Falcon platform resources directly — policies, host groups, exclusions, cloud accounts, and more. Over 50 resources and 14 data sources.
Provider Overview: Setup, authentication, cloud regions, MSSP support, and importing existing resources.
Resources by Category
Prevention Policies: 9 resources — Windows, Linux, Mac variants with defaults, attachment, and precedence.
Sensor Update Policies: Control sensor build deployment across host groups with scheduling.
Content Update Policies: Manage content delivery rings, delays, and version pinning.
FileVantage: File integrity monitoring policies, rule groups, and attachments.
Response Policies: Real-time response capabilities, custom scripts, and put files.
Cloud Security: 13 resources — AWS/Azure/GCP accounts, KAC policies, custom rules, compliance.
IT Automation: Tasks, task groups, policies, and scheduling for automated operations.
Host Management: Host groups, user groups, CID groups, and installation tokens.
IOA Rules: Custom indicator-of-attack rule groups and exclusions.
Data Protection: Sensitivity labels, content patterns, ML exclusions, and visibility exclusions.
Data Sources: 14 data sources for querying policies, builds, accounts, and rules.
Modules
Pre-built modules for cloud account registration and sensor deployment.
Modules Overview: Which module for which task — decision guide for cloud registration and sensor deployment.
AWS Cloud Registration: Register AWS accounts with Falcon Cloud Security — asset inventory, RTVD, DSPM, sensor management.
AWS SSM Distributor: Deploy Falcon sensors to EC2 instances via AWS Systems Manager with multi-region support.
Azure Cloud Registration: Register Azure tenants and subscriptions — service principals, log ingestion, agentless scanning.
GCP Cloud Registration: Register GCP organizations, folders, and projects with Workload Identity Federation.
Kubernetes: Deploy Falcon Sensor, Admission Controller, and Image Analyzer to K8s and OpenShift clusters.