Sample Queries for Asset Explorer

About the Author: Vijay Prasath Pattur Mohankumar (Lead Engineer - Asset Explorer)

In the new CloudHealth experience (NX), the Asset Explorer is a feature designed to provide a flexible, multi-cloud view of your discovered inventory across various providers and accounts. It allows you to query specific entities to view their configuration details, associated tags, and dependencies, including graphical representations of relationships with other resources.

Queries in Asset Explorer

The Search feature uses AssetQL, which allows for complex search queries against the CH database. The following are some AssetQL search queries that can expose the resource optimization opportunities for the CloudHealth customers.

Queries

Query: AWS.S3.Bucket has properties.IsPubliclyAccessible = true 

Business Value: Find publicly accessible S3 buckets. Beyond catastrophic security risk, public buckets often incur unexpected egress charges from unauthorized access. 

Category: Storage Optimization

Query: AWS.EC2.Instance has properties.PublicIp != _NULL_ and properties.State != (running,terminated,shutting-down) 

Business Value: Find instances with Idle IP Addresses. IP Addresses are chargeable and hence can be unassociated. 

Category: Compute Optimization

Query: AWS.S3.Bucket has properties.ObjectCount > 10000 AND properties.StorageInGb < 100 

Business Value: Find buckets with small objects. S3 charges per-request. Consolidating small objects or using S3 Intelligent-Tiering reduces both storage and request costs. 

Category: Storage Optimization

Query: AWS.EC2.Volume has properties.VolumeType = gp2 and properties.SizeInGb > 100 

Business Value: Identify large GP2 volumes eligible for GP3 migration. GP3 offers 20% cost savings and 4x better baseline performance. No downtime required for migration. 

Category: Storage Optimization

Query: AWS.Lambda.Function has properties.MemorySize = 128 and properties.FunctionTimeout = 3 

Business Value: Find Lambda functions with default minimal configuration. These often timeout or underperform. Right-sizing memory often improves performance AND reduces cost. 

Category: Serverless Optimization

Query: AWS.DynamoDB.Table has properties.ProvisionedReadCapacityUnits > 100 and ItemCount < 100 

Business Value: Find DynamoDB tables with over-provisioned capacity relative to item count. Switch to on-demand pricing or reduce provisioned capacity for cost efficiency. 

Category: Dynamodb Optimization

Query: AWS.Sagemaker.NotebookInstance has properties.NotebookInstanceStatus = InService and properties.LastModifiedTime < daysAgo(15) 

Business Value: Find idle SageMaker notebooks running for months. ML experiments often leave expensive GPU instances running. One forgotten ml.p3.2xlarge costs $3,000/month. 

Category: AI/ML Optimization

Relationships

Query: AWS.EC2.Instance has properties.State = stopped -> AWS.EC2.Volume

Business Value: Find volumes attached to stopped instances. These continue billing.

Category: Compute Optimization

Query: AWS.EC2.Instance -> AWS.EC2.AutoScalingGroup has properties.HasScalingPolicies = 0

Business Value: Find instances in Auto Scaling Groups without scaling policies. Without dynamic scaling, you're paying peak capacity 24/7 instead of scaling based on demand.

Category: Compute Optimization 

Query: AWS.Elasticloadbalancing.LoadBalancer !-> AWS.EC2.Instance

Business Value: Find Idle Load balancers not associated with any EC2 Instances - often forgotten assets.

Category: Compute Optimization 

Query: Azure.Compute.Vm has not tag.cost_center !-> Azure.Compute.VmScaleSet

Business Value: Find orphan VMs not in scale sets without application tagging. Untagged standalone VMs are prime candidates for waste.

Category: Compute Optimization

Aggregation

Query: AWS.Elasticloadbalancing.LoadBalancer count(properties.Scheme)

Business Value: Internet-facing vs Internal load balancer distribution. Understanding your exposure surface helps with security posture and architecture decisions.

Category: Network Exploration

Query: Azure.Sql.Database count(properties.ServiceTier)

Business Value: Basic/Standard/Premium/Business Critical/Hyperscale distribution. Tier misalignment is common. Many Premium databases could run on Standard.

Category: Storage Optimization