1. Vanta
  2. Integrations
  3. Other Integrations & Connections

Other Integrations & Connections

Connecting Vanta & Jamf Pro

 Connecting Vanta & Jamf Pro

  • Open Integrations from the left-hand navigation panel
  • Search for Jamf Pro in the Available tab 
  • Select Connect
  • Log into your Jamf Pro administrator account.
  • Select the settings icon, and choose User accounts and groups

Screenshot 2023-09-26 at 4.49.56 PM.png

  • Select Password Policy

Screenshot 2023-10-27 at 2.02.16 PM.png

  • Confirm that Allow Basic authentication in addition to the bearer token authentication is checked

Screenshot 2023-10-27 at 2.03.16 PM.png

  • Navigate back to the User Accounts & Groups list
  • Create a new user that meets Vanta’s requirements 
    • We recommend vanta_service_user to help you remember its relation to Vanta
    • Full access and Custom  permission set
    • Note: We also support Site Access and Group Access if you’d like Vanta only to have access to certain Jamf objects belonging to a site. However, Users with Site Access cannot fetch Jamf accounts for Vanta access-related workflows. Proceed with this option if you do not wish to monitor Jamf account access in Vanta.

unnamed (1).png

  • Hold on to the username/password– you’ll need to add them to Vanta
  • Navigate to Privileges  and grant the following read-only privileges
    • User accounts and groups
    • Computers

    • macOS Configuration Profiles

  • Fill in the rest of the details with the appropriate full name, email, and password. Remember to save the password
  • Return to Vanta
  • Enter the credentials for this account and your *.jamfcloud.com domain into the Vanta connections flow
  • Select Validate credentials
  • You will receive either a confirmation that the credentials are configured correctly or an error message explaining how they’re misconfigured 
  • Please remember that Machines not managed by Jamf Pro should still use the Vanta Agent.
  • Currently, Vanta does not support the OnPrem deployment of Jamf Pro.
  • Currently, Vanta does not support Jamf Now or Jamf Business 
  • Currently, Vanta only supports integrating one Jamf instance at a time.

 

 

Controlling Scope through Jamf Pro

Vanta’s Jamf integration enables you to control which computers and accounts should be automatically marked in and out of scope in Vanta by creating and managing Vanta groups within Jamf.

 

  • Log in to Jamf Pro and click Settings in the left sidebar
  • Navigate to Network > Sites.
  • Create a site that will be used to scope accounts and computers in and out of Vanta by clicking the New button on the top right corner. The name needs to start with Vanta followed by any text, i.e. Vanta Employees.
  • Assign the group in Vanta to the desired accounts and computers. For more detailed instructions, visit the Jamf Pro product documentation.

 

Enable the feature in Vanta

  • Navigate to Integrations.
  • Under your connected integrations, find MDM > Jamf Pro.
  • Click Configure scope

  • Enable the MDM scoping toggle next to Control scope with Jamf

  • Select the group(s) you want to scope computers and accounts with. Then, click Publish changes.

  • Once Jamf scoping is enabled, all account and computer scope will be managed through Jamf, and the scope toggles for each account and computer will be disabled. Vanta will update the scope status for MDM accounts and computers of the following data fetch, which happens hourly.






 

Updated