Skip to content
CrowdStrike Developer Center

it_automation_policy

This resource allows management of IT Automation policies in the CrowdStrike Falcon platform. IT Automation policies allow you to configure settings related to the module and apply them to host groups.

API Scopes

Section titled “API Scopes”

The following API scopes are required:

  • IT Automation - Policies: READ
  • IT Automation - Policies: WRITE
  • IT Automation - Task Executions: READ
  • IT Automation - Task Executions: WRITE
  • IT Automation - Tasks: READ
  • IT Automation - Tasks: WRITE
  • IT Automation - User Groups: READ
  • IT Automation - User Groups: WRITE

Example Usage

Section titled “Example Usage”
terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}


provider "crowdstrike" {
  cloud = "us-2"
}


resource "crowdstrike_it_automation_policy" "windows_example" {
  name        = "Example Windows Policy"
  description = "Example Windows policy configuration"


  platform_name = "Windows"
  enabled       = true


  host_groups = [
    "cd2168944fd648bc9545df05ace3705a"
  ]


  concurrent_host_file_transfer_limit = 500
  concurrent_host_limit               = 5000
  concurrent_task_limit               = 3


  enable_os_query         = false
  enable_python_execution = false
  enable_script_execution = false
  execution_timeout       = 30
  execution_timeout_unit  = "Minutes"


  cpu_throttle           = 20
  memory_allocation      = 1024
  memory_allocation_unit = "MB"
}


resource "crowdstrike_it_automation_policy" "linux_example" {
  name        = "Example Linux Policy"
  description = "Example Linux policy configuration"


  platform_name = "Linux"
  enabled       = true


  host_groups = [
    "e44e040561424ca8980c46abacfaa204"
  ]


  concurrent_host_file_transfer_limit = 500
  concurrent_host_limit               = 5000
  concurrent_task_limit               = 3


  enable_os_query         = false
  enable_python_execution = false
  enable_script_execution = false
  execution_timeout       = 30
  execution_timeout_unit  = "Minutes"


  cpu_throttle           = 20
  memory_allocation      = 1024
  memory_allocation_unit = "MB"
}


resource "crowdstrike_it_automation_policy" "mac_example" {
  name        = "Example Mac Policy"
  description = "Example Mac policy configuration"


  platform_name = "Mac"
  enabled       = true


  host_groups = [
    "f4562561640f4cdf9ea8340d8990d758"
  ]


  concurrent_host_file_transfer_limit = 500
  concurrent_host_limit               = 5000
  concurrent_task_limit               = 3


  enable_os_query         = false
  enable_python_execution = false
  enable_script_execution = false
  execution_timeout       = 30
  execution_timeout_unit  = "Minutes"


  cpu_scheduling_priority = "Medium"
  memory_pressure_level   = "Medium"
}


output "windows_policy" {
  value = crowdstrike_it_automation_policy.windows_example
}


output "linux_policy" {
  value = crowdstrike_it_automation_policy.linux_example
}


output "mac_policy" {
  value = crowdstrike_it_automation_policy.mac_example
}

Schema

Section titled “Schema”

Required

Section titled “Required”
  • concurrent_host_file_transfer_limit (Number) Maximum number of hosts that can transfer files simultaneously (1-5000).
  • concurrent_host_limit (Number) Maximum number of hosts that can run operations simultaneously (1-100000).
  • concurrent_task_limit (Number) Maximum number of tasks that can run in parallel (1-5).
  • description (String) Description of the policy.
  • enable_os_query (Boolean) Whether OSQuery functionality is enabled.
  • enable_python_execution (Boolean) Whether Python script execution is enabled.
  • enable_script_execution (Boolean) Whether script execution is enabled.
  • enabled (Boolean) Whether the policy is enabled or disabled.
  • execution_timeout (Number) Maximum time a script can run before timing out.
  • execution_timeout_unit (String) Unit of time for execution timeout.
  • name (String) Name of the policy.
  • platform_name (String) Platform for the policy (Windows, Linux, Mac).

Optional

Section titled “Optional”
  • cpu_scheduling_priority (String) Sets priority for CPU scheduling.
  • cpu_throttle (Number) CPU usage limit as a percentage (1-100).
  • host_groups (Set of String) Set of host group IDs where this policy will be applied. Hosts in these groups will use this policy’s configuration for IT automation tasks.
  • memory_allocation (Number) Amount of memory allocated.
  • memory_allocation_unit (String) Unit for memory allocation.
  • memory_pressure_level (String) Sets memory pressure level to control system resource allocation during task execution.

Read-Only

Section titled “Read-Only”
  • id (String) Identifier for the policy.
  • last_updated (String) Timestamp of the last Terraform update of the resource.

Import

Section titled “Import”

Import is supported using the following syntax:

Terminal window
# it automation policy can be imported by specifying the policy id.
terraform import crowdstrike_it_automation_policy.example 717cc96f8c5240bd8126f58153a8b13f


# using import block (requires terraform 1.5+)
import {
  to = crowdstrike_it_automation_policy.example
  id = "717cc96f8c5240bd8126f58153a8b13f"
}
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use