Skip to content
CrowdStrike Developer Center

filevantage_policies

This data source provides information about FileVantage policies in Falcon.

API Scopes

Section titled “API Scopes”

The following API scopes are required:

  • Falcon FileVantage: READ

Example Usage

Section titled “Example Usage”
terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}


provider "crowdstrike" {
  cloud = "us-2"
}


# Get all FileVantage policies
data "crowdstrike_filevantage_policies" "all" {}


# Get only enabled Windows and Linux policies
data "crowdstrike_filevantage_policies" "enabled" {
  platform_names = ["Windows", "Linux"]
  enabled        = true
}


# Get policies sorted by precedence
data "crowdstrike_filevantage_policies" "sorted" {
  sort = "precedence.desc"
}


# Get specific policies by ID
data "crowdstrike_filevantage_policies" "specific" {
  ids = [
    "a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
    "b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7"
  ]
}

Schema

Section titled “Schema”

Optional

Section titled “Optional”
  • created_by (String) Filter policies by the user who created them. All provided filter attributes must match for a policy to be returned (omitted attributes are ignored). Supports wildcard matching with '' where '' matches any sequence of characters until the end of the string or until the next literal character in the pattern is found. Multiple wildcards can be used in a single pattern. Matching is case insensitive. Cannot be used together with ‘ids’.
  • description (String) Filter policies by description. All provided filter attributes must match for a policy to be returned (omitted attributes are ignored). Supports wildcard matching with '' where '' matches any sequence of characters until the end of the string or until the next literal character in the pattern is found. Multiple wildcards can be used in a single pattern. Matching is case insensitive. Cannot be used together with ‘ids’.
  • enabled (Boolean) Filter policies by enabled status. All provided filter attributes must match for a policy to be returned (omitted attributes are ignored). Cannot be used together with ‘ids’.
  • ids (List of String) List of FileVantage policy IDs to retrieve. Cannot be used together with ‘platform_names’ or other filter attributes.
  • modified_by (String) Filter policies by the user who last modified them. All provided filter attributes must match for a policy to be returned (omitted attributes are ignored). Supports wildcard matching with '' where '' matches any sequence of characters until the end of the string or until the next literal character in the pattern is found. Multiple wildcards can be used in a single pattern. Matching is case insensitive. Cannot be used together with ‘ids’.
  • name (String) Filter policies by name. All provided filter attributes must match for a policy to be returned (omitted attributes are ignored). Supports wildcard matching with '' where '' matches any sequence of characters until the end of the string or until the next literal character in the pattern is found. Multiple wildcards can be used in a single pattern. Matching is case insensitive. Cannot be used together with ‘ids’.
  • platform_names (Set of String) Filter policies by platform names. Valid values: Windows, Linux, Mac. Defaults to all. Cannot be used together with ‘ids’.
  • sort (String) Sort order for the results. Can be used with ‘platform_names’. Valid values: ‘precedence’, ‘created_timestamp’, ‘modified_timestamp’, optionally followed by ‘.asc’ or ‘.desc’ (e.g., ‘precedence.desc’). By default, ‘.asc’ is used if no direction is specified. Cannot be used together with ‘ids’.

Read-Only

Section titled “Read-Only”

Nested Schema for policies

Section titled “Nested Schema for policies”

Read-Only:

  • created_by (String) User who created the policy
  • created_timestamp (String) Timestamp when the policy was created
  • description (String) The FileVantage policy description
  • enabled (Boolean) Whether the FileVantage policy is enabled
  • host_groups (List of String) List of host group IDs assigned to the policy
  • id (String) The FileVantage policy ID
  • modified_by (String) User who last modified the policy
  • modified_timestamp (String) Timestamp when the policy was last modified
  • name (String) The FileVantage policy name
  • platform_name (String) The platform name (Windows, Linux, Mac)
  • precedence (Number) Policy precedence/priority
  • rule_groups (List of String) List of rule group IDs associated with the policy
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use