> ## Documentation Index
> Fetch the complete documentation index at: https://specterops-bp-2735-release-notes.mintlify.site/llms.txt
> Use this file to discover all available pages before exploring further.

# Privilege Zone Rules

> Jamf extension Privilege Zone rules

<img noZoom src="https://mintcdn.com/specterops-bp-2735-release-notes/2djt2Sp9UeFPjBFr/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=2djt2Sp9UeFPjBFr&q=85&s=a791748158fde5ff3b3b82b51497ab39" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

The following Privilege Zone rules can be imported into BloodHound to group nodes for Cypher query analysis and BloodHound Enterprise finding generation.

<Info>
  This file is automatically generated from the [JSON Privilege Zone rule files](https://github.com/SpecterOps/openhound-jamf/tree/main/extension/privilege_zone_rules).
</Info>

## Tenant

Tenant nodes in Jamf Pro.

Zone: Tier Zero

```cypher theme={null}
MATCH (n:jamf_Tenant)
RETURN n
```

This rule is defined in the [tenant.json](https://github.com/SpecterOps/openhound-jamf/tree/main/extension/privilege_zone_rules/tenant.json) file.

## Tier Zero Principals

Accounts and group principals with 'Full Access' administrator privileges in the tenant and 'SSO' configuration if enabled.

Zone: Tier Zero

```cypher theme={null}
MATCH (n)
WHERE n.tier = 0
RETURN n
```

This rule is defined in the [tier0-principals.json](https://github.com/SpecterOps/openhound-jamf/tree/main/extension/privilege_zone_rules/tier0-principals.json) file.
