> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Privilege Zone Rules

> Jamf extension Privilege Zone rules

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

The following Privilege Zone rules can be imported into BloodHound to group nodes for Cypher query analysis and BloodHound Enterprise finding generation.

<Info>
  This file is automatically generated from the [JSON Privilege Zone rule files](https://github.com/SpecterOps/openhound-jamf/tree/main/extension/privilege_zone_rules).
</Info>

## Tenant

Tenant nodes in Jamf Pro.

Zone: Tier Zero

```cypher theme={null}
MATCH (n:jamf_Tenant)
RETURN n
```

This rule is defined in the [tenant.json](https://github.com/SpecterOps/openhound-jamf/tree/main/extension/privilege_zone_rules/tenant.json) file.

## Tier Zero Principals

Accounts and group principals with 'Full Access' administrator privileges in the tenant and 'SSO' configuration if enabled.

Zone: Tier Zero

```cypher theme={null}
MATCH (n)
WHERE n.tier = 0
RETURN n
```

This rule is defined in the [tier0-principals.json](https://github.com/SpecterOps/openhound-jamf/tree/main/extension/privilege_zone_rules/tier0-principals.json) file.