Jump Item Roles
What are Jump Item Roles?
Jump Item Roles define the specific permissions and access levels granted to users for different Jump Items, determining what actions they can perform.
How are Jump Item Roles useful to my organization?
Jump Item Roles help administrators manage access control and ensure users can only perform the necessary tasks for their role, enhancing security and efficiency during remote access sessions.
How do I access the Jump Item Roles page?
- Sign into app.beyondtrust.io.
The BeyondTrust Home page displays. - From the main menu, click Privileged Remote Access > Jump.
The Jump page opens and the Jump Clients tab displays by default. - Click the Jump Item Roles.
The Jump Item Roles page displays.
How to configure Jump Item Roles
A Jump Item Role is a predefined set of permissions regarding Jump Item management and usage. Jump Item Roles are applied to users from the Jump > Jump Item Roles page or from the Users & Security > Group Policies page.
If more than one role is assigned to a user, then the most specific role for a user is always used. The order of specificity for Jump Item Roles, from most specific to least specific, is:
- The role assigned to the relationship between a user and a Jump Group on the Jump > Jump Item Roles page
- The role assigned to the relationship between a user and a Jump Group on the Users & Security > Group Policies page
- The Jump Item Roles configured for a user on the Users & Security > Users page or the Users & Security > Group Policies page
Note
A new Jump Item Role called Auditor is automatically created on new site installations. On existing installations it has to be created. This role only has a single View Reports permission enabled, giving admins the option to grant a user just the permission to run Jump Item reports, without the need to grant any other permission.
Add new Jump Item Role, edit, delete
Create a new role, modify an existing role, or remove an existing role.
Add or edit Jump Item Role
Name
Create a unique name to help identify this role. This name helps when linking a Jump Item Role with a user or group of users in a Jump Group.
Description
Add a brief description to summarize the purpose of this role.
Permissions
Jump Group or personal Jump Items
Create and deploy new Jump Items
Enables the user to create Jump Items and install them on remote systems.
Move and copy Jump Items
Enables the user to move or copy Jump Items from one Jump Group into another. This permission must be enabled on both Jump Groups. Copied Jump Items can be edited.
Remove existing Jump Items
Enables the user to delete Jump Items.
Jump Item
Start sessions
Enables the user to Jump to remote systems.
Edit tag
Enables the user to edit a Jump Item's tag field.
Edit comments
Enables the user to edit a Jump Item's comments field.
Edit public portal
Enables the user to set the public portal with which a Jump Item is associated.
Edit Jump Policy
Enables the user to set which, if any, Jump Policy is applied to a Jump Item.
Edit session policy
Enables the user to set which, if any, session policy a Jump Item should use. Changing the session policy may affect the permissions allowed in the session.
Edit connectivity and authentication
Enables the user to modify a Jump Item's connection and authentication information. This includes such fields as hostname, Jumpoint, port, and username, among others.
Edit behavior and experience
Enables the user to modify the behavior of Jump Items. This includes such fields as connection type, display size, and terminal type, among others.
Updated 3 months ago
