Skip to content
CrowdStrike Developer Center

default_content_update_policy

This resource allows management of the default content update policy in the CrowdStrike Falcon platform. Destruction of this resource will not delete the default content update policy or remove any configured settings.

API Scopes

Section titled “API Scopes”

The following API scopes are required:

  • Content Update Policy: READ
  • Content Update Policy: WRITE

Example Usage

Section titled “Example Usage”
terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}


provider "crowdstrike" {
  cloud = "us-2"
}


# Basic default content update policy
resource "crowdstrike_default_content_update_policy" "default" {
  description = "Default content update policy for CrowdStrike environment"


  sensor_operations = {
    ring_assignment = "ga"
    delay_hours     = 0
  }


  system_critical = {
    ring_assignment = "ga"
    delay_hours     = 24
  }


  vulnerability_management = {
    ring_assignment = "ga"
    delay_hours     = 0
  }


  rapid_response = {
    ring_assignment = "ga"
    delay_hours     = 0
  }
}


output "default_content_policy" {
  value       = crowdstrike_default_content_update_policy.default
  description = "The default content update policy configuration"
}

Schema

Section titled “Schema”

Required

Section titled “Required”
  • description (String) Description of the default content update policy.
  • rapid_response (Attributes) Ring assignment settings for rapid response allow/block listing content category. (see below for nested schema)
  • sensor_operations (Attributes) Ring assignment settings for sensor operations content category. (see below for nested schema)
  • system_critical (Attributes) Ring assignment settings for system critical content category. (see below for nested schema)
  • vulnerability_management (Attributes) Ring assignment settings for vulnerability management content category. (see below for nested schema)

Read-Only

Section titled “Read-Only”
  • id (String) Identifier for the default content update policy.
  • last_updated (String) Timestamp of the last Terraform update of the resource.

Nested Schema for rapid_response

Section titled “Nested Schema for rapid_response”

Required:

  • ring_assignment (String) Ring assignment for the content category (ga, ea, pause).

Optional:

  • delay_hours (Number) Delay in hours when using ‘ga’ ring assignment. Valid values: 0, 1, 2, 4, 8, 12, 24, 48, 72. Only applicable when ring_assignment is ‘ga’.
  • pinned_content_version (String) Pin content category to a specific version. When set, the content category will not automatically update to newer versions.

Nested Schema for sensor_operations

Section titled “Nested Schema for sensor_operations”

Required:

  • ring_assignment (String) Ring assignment for the content category (ga, ea, pause).

Optional:

  • delay_hours (Number) Delay in hours when using ‘ga’ ring assignment. Valid values: 0, 1, 2, 4, 8, 12, 24, 48, 72. Only applicable when ring_assignment is ‘ga’.
  • pinned_content_version (String) Pin content category to a specific version. When set, the content category will not automatically update to newer versions.

Nested Schema for system_critical

Section titled “Nested Schema for system_critical”

Required:

  • ring_assignment (String) Ring assignment for the content category (ga, ea). Note: ‘pause’ is not allowed for system_critical.

Optional:

  • delay_hours (Number) Delay in hours when using ‘ga’ ring assignment. Valid values: 0, 1, 2, 4, 8, 12, 24, 48, 72. Only applicable when ring_assignment is ‘ga’.
  • pinned_content_version (String) Pin content category to a specific version. When set, the content category will not automatically update to newer versions.

Nested Schema for vulnerability_management

Section titled “Nested Schema for vulnerability_management”

Required:

  • ring_assignment (String) Ring assignment for the content category (ga, ea, pause).

Optional:

  • delay_hours (Number) Delay in hours when using ‘ga’ ring assignment. Valid values: 0, 1, 2, 4, 8, 12, 24, 48, 72. Only applicable when ring_assignment is ‘ga’.
  • pinned_content_version (String) Pin content category to a specific version. When set, the content category will not automatically update to newer versions.

Import

Section titled “Import”

Import is supported using the following syntax:

Terminal window
# Default Content Update Policy resources can be imported using the policy ID of the default content update policy.
# If no id is provided, the provider will find the default content update policy.
terraform import crowdstrike_default_content_update_policy.default 1234567890abcdef1234567890abcdef
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use