sensor_update_policy
This resource allows management of sensor update policies in the CrowdStrike Falcon platform. Sensor update policies allow you to control the update process across a set of hosts.
API Scopes
Section titled “API Scopes”The following API scopes are required:
- Sensor update policies: READ
- Sensor update policies: WRITE
Example Usage
Section titled “Example Usage”terraform { required_providers { crowdstrike = { source = "registry.terraform.io/crowdstrike/crowdstrike" } }}
provider "crowdstrike" { cloud = "us-2"}
data "crowdstrike_sensor_update_policy_builds" "all" {}
resource "crowdstrike_sensor_update_policy" "example" { name = "example_sensor_update_policy" enabled = false description = "made with terraform" platform_name = "Windows" build = data.crowdstrike_sensor_update_policy_builds.all.windows.n1.build uninstall_protection = true bulk_maintenance_mode = false host_groups = ["host_group_id"] schedule = { enabled = true timezone = "Etc/UTC" time_blocks = [ { days = ["sunday", "wednesday"] start_time = "12:40" end_time = "16:40" } ] }}
output "sensor_policy" { value = crowdstrike_sensor_update_policy.example}Schema
Section titled “Schema”Required
Section titled “Required”build(String) Sensor build to use for the sensor update policy. Accepts a build number (e.g. “17407”) or a full version string (e.g. “7.22.17407”); the version prefix is stripped automatically. Use an empty string to turn off sensor version updates.name(String) Name of the sensor update policy.platform_name(String) Platform for the sensor update policy to manage. (Windows, Mac, Linux). Changing this value will require replacing the resource.schedule(Attributes) Prohibit sensor updates during a set of time blocks. (see below for nested schema)
Optional
Section titled “Optional”build_arm64(String) Sensor arm64 build to use for the sensor update policy (Linux only). Required if platform_name is Linux. Accepts a build number (e.g. “17407”) or a full version string (e.g. “7.22.17407”); the version prefix is stripped automatically. Use an empty string to turn off sensor version updates.bulk_maintenance_mode(Boolean) Enable bulk maintenance mode. When enabled, uninstall_protection must be set to true and build must be set to an empty string ("") to turn off sensor version updates.description(String) Description of the sensor update policy.enabled(Boolean) Enable the sensor update policy.host_groups(Set of String) Host Group ids to attach to the sensor update policy.uninstall_protection(Boolean) Enable uninstall protection.
Read-Only
Section titled “Read-Only”id(String) Identifier for the sensor update policy.last_updated(String) Timestamp of the last Terraform update of the resource.
Nested Schema for schedule
Section titled “Nested Schema for schedule”Required:
enabled(Boolean) Enable the scheduler for sensor update policy.
Optional:
time_blocks(Attributes Set) The time block to prevent sensor updates. Only set when enabled is true. (see below for nested schema)timezone(String) The time zones that will be used for the time blocks. Only set when enabled is true.
Nested Schema for schedule.time_blocks
Section titled “Nested Schema for schedule.time_blocks”Required:
days(Set of String) The days of the week the time block should be active.end_time(String) The end time for the time block in 24HR format. Must be atleast 1 hour more than start_time.start_time(String) The start time for the time block in 24HR format. Must be atleast 1 hour before end_time.
Import
Section titled “Import”Import is supported using the following syntax:
# sensor update policies can be imported by specifying the policy id.terraform import crowdstrike_sensor_update_policy.example 7fb858a949034a0cbca175f660f1e769