Skip to content
CrowdStrike Developer Center

default_sensor_update_policy

This resource allows management of the default sensor update policy in the CrowdStrike Falcon platform. Destruction of this resource will not delete the default sensor update policy or remove any configured settings.

API Scopes

Section titled “API Scopes”

The following API scopes are required:

  • Sensor update policies: READ
  • Sensor update policies: WRITE

Example Usage

Section titled “Example Usage”
terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}


provider "crowdstrike" {
  cloud = "us-2"
}


data "crowdstrike_sensor_update_policy_builds" "all" {}


resource "crowdstrike_default_sensor_update_policy" "default" {
  platform_name         = "windows"
  build                 = data.crowdstrike_sensor_update_policy_builds.all.windows.n1.build
  uninstall_protection  = true
  bulk_maintenance_mode = false
  schedule = {
    enabled  = true
    timezone = "Etc/UTC"
    time_blocks = [
      {
        days       = ["sunday", "wednesday"]
        start_time = "12:40"
        end_time   = "16:40"
      }
    ]
  }
}




output "sensor_policy" {
  value = crowdstrike_default_sensor_update_policy.default
}

Schema

Section titled “Schema”

Required

Section titled “Required”
  • build (String) Sensor build to use for the default sensor update policy. Accepts a build number (e.g. “17407”) or a full version string (e.g. “7.22.17407”); the version prefix is stripped automatically. Use an empty string to turn off sensor version updates.
  • platform_name (String) Chooses which default sensor update policy to manage. (Windows, Mac, Linux). Changing this value will require replacing the resource.
  • schedule (Attributes) Prohibit sensor updates during a set of time blocks. (see below for nested schema)

Optional

Section titled “Optional”
  • build_arm64 (String) Sensor arm64 build to use for the default sensor update policy (Linux only). Required if platform_name is Linux. Accepts a build number (e.g. “17407”) or a full version string (e.g. “7.22.17407”); the version prefix is stripped automatically. Use an empty string to turn off sensor version updates.
  • bulk_maintenance_mode (Boolean) Enable bulk maintenance mode. When enabled, uninstall_protection must be set to true and build must be set to an empty string ("") to turn off sensor version updates.
  • uninstall_protection (Boolean) Enable uninstall protection.

Read-Only

Section titled “Read-Only”
  • id (String) Identifier for the sensor update policy.
  • last_updated (String) Timestamp of the last Terraform update of the resource.

Nested Schema for schedule

Section titled “Nested Schema for schedule”

Required:

  • enabled (Boolean) Enable the scheduler for sensor update policy.

Optional:

  • time_blocks (Attributes Set) The time block to prevent sensor updates. Only set when enabled is true. (see below for nested schema)
  • timezone (String) The time zones that will be used for the time blocks. Only set when enabled is true.

Nested Schema for schedule.time_blocks

Section titled “Nested Schema for schedule.time_blocks”

Required:

  • days (Set of String) The days of the week the time block should be active.
  • end_time (String) The end time for the time block in 24HR format. Must be atleast 1 hour more than start_time.
  • start_time (String) The start time for the time block in 24HR format. Must be atleast 1 hour before end_time.

Import

Section titled “Import”

Import is supported using the following syntax:

Terminal window
# A default sensor update policy can be imported by specifying the policy id.
terraform import crowdstrike_default_sensor_update_policy.default 7fb858a949034a0cbca175f660f1e769
© 2026 CrowdStrike, Inc. All rights reserved. Privacy Notice Cookie Notice Terms of Use