Skip to content
CrowdStrike Developer Center

it_automation_default_policy

This resource allows management of default IT Automation policy configuration settings in the CrowdStrike Falcon platform.

API Scopes

Section titled “API Scopes”

The following API scopes are required:

  • IT Automation - Policies: READ
  • IT Automation - Policies: WRITE
  • IT Automation - Task Executions: READ
  • IT Automation - Task Executions: WRITE
  • IT Automation - Tasks: READ
  • IT Automation - Tasks: WRITE
  • IT Automation - User Groups: READ
  • IT Automation - User Groups: WRITE

~> Important Default policies are created by CrowdStrike and cannot be created or deleted via Terraform. You can only manage the description and configuration settings (concurrency, execution, and resources). Default policies cannot be enabled/disabled, assigned to host groups, or have their names changed.

Example Usage

Section titled “Example Usage”
terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}


provider "crowdstrike" {
  cloud = "us-2"
}


resource "crowdstrike_it_automation_default_policy" "windows_example" {
  platform_name = "Windows"
  description   = "Example Windows Default Policy configuration"


  concurrent_host_file_transfer_limit = 500
  concurrent_host_limit               = 5000
  concurrent_task_limit               = 3


  enable_os_query         = false
  enable_python_execution = false
  enable_script_execution = false
  execution_timeout       = 30
  execution_timeout_unit  = "Minutes"


  cpu_throttle           = 20
  memory_allocation      = 1024
  memory_allocation_unit = "MB"
}


resource "crowdstrike_it_automation_default_policy" "linux_example" {
  platform_name = "Linux"
  description   = "Example Linux Default Policy configuration"


  concurrent_host_file_transfer_limit = 500
  concurrent_host_limit               = 5000
  concurrent_task_limit               = 3


  enable_os_query         = false
  enable_python_execution = false
  enable_script_execution = false
  execution_timeout       = 30
  execution_timeout_unit  = "Minutes"


  cpu_throttle           = 20
  memory_allocation      = 1024
  memory_allocation_unit = "MB"
}


resource "crowdstrike_it_automation_default_policy" "mac_example" {
  platform_name = "Mac"
  description   = "Example Mac Default Policy configuration"


  concurrent_host_file_transfer_limit = 500
  concurrent_host_limit               = 5000
  concurrent_task_limit               = 3


  enable_os_query         = false
  enable_python_execution = false
  enable_script_execution = false
  execution_timeout       = 30
  execution_timeout_unit  = "Minutes"


  cpu_scheduling_priority = "Medium"
  memory_pressure_level   = "Medium"
}


output "windows_default_policy" {
  value = crowdstrike_it_automation_default_policy.windows_example
}


output "linux_default_policy" {
  value = crowdstrike_it_automation_default_policy.linux_example
}


output "mac_default_policy" {
  value = crowdstrike_it_automation_default_policy.mac_example
}

Schema

Section titled “Schema”

Required

Section titled “Required”
  • concurrent_host_file_transfer_limit (Number) Maximum number of hosts that can transfer files simultaneously (1-5000).
  • concurrent_host_limit (Number) Maximum number of hosts that can run operations simultaneously (1-100000).
  • concurrent_task_limit (Number) Maximum number of tasks that can run in parallel (1-5).
  • description (String) Description of the default policy.
  • enable_os_query (Boolean) Whether OSQuery functionality is enabled.
  • enable_python_execution (Boolean) Whether Python script execution is enabled.
  • enable_script_execution (Boolean) Whether script execution is enabled.
  • execution_timeout (Number) Maximum time a script can run before timing out.
  • execution_timeout_unit (String) Unit of time for execution timeout.
  • platform_name (String) Platform for the default policy (Windows, Linux, Mac).

Optional

Section titled “Optional”
  • cpu_scheduling_priority (String) Sets priority for CPU scheduling (Mac only). Required for Mac platform, cannot be used for Windows or Linux.
  • cpu_throttle (Number) CPU usage limit as a percentage (1-100) (Windows/Linux only). Required for Windows and Linux platforms, cannot be used for Mac.
  • memory_allocation (Number) Amount of memory allocated (Windows/Linux only). Required for Windows and Linux platforms, cannot be used for Mac.
  • memory_allocation_unit (String) Unit for memory allocation (Windows/Linux only). Required for Windows and Linux platforms, cannot be used for Mac.
  • memory_pressure_level (String) Sets memory pressure level to control system resource allocation during task execution (Mac only). Required for Mac platform, cannot be used for Windows or Linux.

Read-Only

Section titled “Read-Only”
  • enabled (Boolean) Whether the default policy is enabled or disabled. This is read-only as default policies cannot be enabled or disabled.
  • id (String) Identifier for the default policy.
  • last_updated (String) Timestamp of the last Terraform update of the resource.
  • name (String) Name of the default policy. This is read-only as default policy names cannot be changed.

Import

Section titled “Import”

Import is supported using the following syntax:

Terminal window
# it automation default policy can be imported by specifying the policy id.
terraform import crowdstrike_it_automation_default_policy.example 717cc96f8c5240bd8126f58153a8b13f


# using import block (requires terraform 1.5+)
import {
  to = crowdstrike_it_automation_default_policy.example
  id = "717cc96f8c5240bd8126f58153a8b13f"
}
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use