# Taxonomy
{% hint style="danger" %}
### **The BastionZero product is maintained for existing BastionZero customers only.**
Moving forward, we are natively rebuilding BastionZero’s technology as Cloudflare’s [Access for Infrastructure](https://developers.cloudflare.com/cloudflare-one/applications/non-http/infrastructure-apps/) service.
{% endhint %}
| Term | Definition |
| ---------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Target | A machine we connect to. |
| Environment | A group of targets that can be accessed simultaneously. Environments are uniquely named and each user requests explicit access to each environment via a policy attached to their account. |
| Connection | A terminal to a target. You can have multiple connections (i.e., terminals) to a single target in a given space. |
| Policy | A triplestore statement (subject, verb, object) where the subject is the user/group, the verb is the type of access allowed, and the object is the target/environment. |
| Session recording | A video recording of a user or group shell session from the web app or `zli`. |
| `zli` | BastionZero's command line interface tool, also known as the zero-trust command line interface |
| BastionZero web app | BastionZero's web UI for connecting to targets, monitoring logs and session recordings, authoring policies, managing users, creating environments. This can be found at `cloud.bastionzero.com`. |
| Agent | Installed on targets to enable MrZAP and target autodiscovery. These agents are built from the [BastionZero open-source agent](https://github.com/bastionzero/bzero). Two unique agents are built from the single open-source project, a docker container hosted on dockerhub and used for k8s targets and a systemD executable used for servers, VMs, and containers. |
| Add a new target | When we input the configuration information for a target, for instance its IP address, SSH key, alias, etc. |
| Added target | A target for which we have already stored the configuration information, for instance its IP address, SSH key, alias etc. |
| Connect to a target | Open a terminal to a target. |
| Find a target | When the end user wants to search through the saved targets in order to find a known target. |
| Reconnect to a target | When a target that is already in a space has gone offline, and we want to see if the target is back online so that we can shell into that target. |
| Lost connection | When a server goes offline while the terminal is open. |
| Autodiscovered targets | Targets with the bz-agent installed. |
| Provisioning ID | User/organization’s GUID in BastionZero system. |
| Provisioning secret | Mechanism of linking autodiscovery target to account ID. |
| Manual targets | Ones that are configured by hand/API. |
| Command history | A collection of a user's previous commands. |
| Connection event | An event log of some state change to the connection (see events below), includes metadata about the connection (space, target, user, time). |
| Connection history | A collection of a user's previous connections (i.e., what targets they attached to). |
| User event history | Actions taken by user (i.e., policy changes, targets added/removed, user invites). |
| Connection event: opened | A connection has been initiated by the backend but no frontend connection has been made yet. |
| Connection event: inactive | A connection has been opened by a user and left in a space with no other users reading/writing to it. |
| Connection event: active | A connection is being viewed by a user. |
| Connection event: disconnect | The backend connection has been dropped for some reason. The backend will attempt to reconnect. |
| Connection event: connect | The backend has connected to the target or has reconnected within the same terminal. |
| Connection event: closed | Final state. The connection has been terminated from the backend. |
| Connection table | Table of all connections made and the current state they are in (it is a function of connection events). |
| Allow (allowed) | When a policy check passes (i.e., Alice was allowed access to ENV via POLICY) |
| Deny (denied) | When a policy check fails (i.e., Alice was denied access to ENV). Policy checks by default deny until a successful policy is found. |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.bastionzero.com/docs/home/taxonomy.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.