Jargon
When reading about Morio, you may encounter terms you are unfamiliar with.
This page, along with our terminology pages, attempts to remediate that:
ABAC
Use as: _abac_
Attribute-based access control (ABAC) is an abstraction to configure user permissions in computer systems, not unlike role-based access control (RBAC).
The difference is in how permissions are mapped to users. With RBAC, each user has one or more roles that govern their access level.
With ABAC, an attribute of the user's account info is used to assign privileges. A common example is to use group membership as a way to bestow privileges on users.
AMI
Use as: _ami_
An Amazon Machine Image (AMI) is a type of virtual machine image format suitable for deployment on the EC2 compute service of Amazon Web Services (AWS).
AWS
Use as: _aws_
Amazon Web Services is the world's largest cloud service provider.
Learn more at aws.amazon.com.
CERT-EU
Use as: _cert-eu_
CERT-EU is the Cybersecurity Service for the Institutions, Bodies, Offices and Agencies of the European Union, the home of Morio.
Learn more at cert.europa.eu.
CI
Use as: _ci_
CI stands for Continuous Integration. In the context of Morio, we use it as shorthand for CI/CD, which combines CI with Continuous Deployment. We use CI to refer to the automation in building, testing, and deploying changes in software.
To learn more, the CI and CI/CD articles on Wikipedia are a good starting point.
DRY
Use as: _dry_
In programming, DRY stands for Don’t Repeat Yourself. The idea is that you should not write the same thing twice; rather, everything should have its place.
This way, when you need to make a change, you only need to change it in one place.
FQDN
Use as: _fqdn_
FQDN stands for Fully Qualified Domain Name, a name that specifies the exact location of a host by combining host name and domain name.
apt.repo.morio.it is an example of an FQDN.
GITOPS
Use as: _gitops_
GitOps is an operational framework that takes DevOps best practices used for application development such as version control, collaboration, compliance, and CI/CD, and applies them to infrastructure automation.
GitLab has a free ebook on GitOps that is a good starting point to learn more.
IAM
Use as: _iam_
Identity and Access Management (IAM) is all about who can do what.
The "who" part is identity, and the "what" part is access management.
Together, we refer to them as IAM.
IAM strives to ensure that users have access to the correct resources.
IICB
Use as: _iicb_
The IICB is the European Union's Interinstitutional Cybersecurity Board and the governing body of CERT-EU, the home of Morio.
MDX
Use as: _mdx_
MDX lets you use JSX in your markdown content. It allows you to import components, and embed them within your content. This makes writing markdown with custom components a blast.
Learn more at mdxjs.com.
Monorepo
Use as: _monorepo_
A monorepo is a repository that combines source code for different projects, packages, or services into a single source code repository. This facilitates sharing code, functionality, and dependencies.
The Morio monorepo, or monorepo for short, is the repository hosting the Morio source code.
You can find it at github.com/certeu/morio
mTLS
Use as: _mtls_
mTLS or Mutual TLS utilises Transport Layer Security (TLS) to not only authenticate the server by its certificate, but also the client.
It is an authentication method that identifies both parties with a certificate, rather than the much more common TLS where only the server is identified.
PKCE
Use as: _pkce_
Proof Key for Code Exchange or PKCE (pronounced "pixy") is an OpenID Connect flow that is specifically designed to protect against authorisation code interception attacks.
It is typically used in scenarios where the client secret cannot be protected, such as native mobile apps, or single page applications.
While the Morio UI service is a single page application, no OpenID Connect client secret is available in the frontend code, since the OpenID flow is initiated by the Morio API service.
Still, Morio implements the PKCE flow for OpenID Connect as an extra layer of protection according to the defence in depth principle.
RBAC
Use as: _rbac_
Role-based access control (RBAC) is an abstraction to configure user permissions in computer systems. Rather than assign rights to users directly, rights are assigned to roles. Users are then in turn assigned to one or more roles.
For example, if user tony manages the support team and requires extra privileges to do their job, rather than assign those rights directly to Tony, with RBAC we will assign those rights to a manager role, and then assign that manager role to Tony.
Run scripts
Use as: _run scripts_ or _run script_
NPM run scripts, or run scripts for short, refer to scripts defined in the scripts section of a NodeJS package.json file. These scripts are typically used for all sorts of housekeeping and automation.
For more info, refer to the NPM docs on scripts.
Workspaces
Use as: _workspaces_ or _workspace_
NPM workspaces is a generic term that refers to the set of features in the npm CLI that facilitate handling NodeJS dependencies inside a monorepo.
For example, both the core and api folders rely on common dependencies. Rather than installing them twice, through the use of workspaces they will be installed in the monorepo root, and shared.
There is more to workspaces, as it is a somewhat advanced feature of NPM, but that's not really relevant for Morio. If you want to learn more, refer to the NPM documentation on workspaces.