Skip to Content
PlatformFeaturesAsset Inventory

Asset Inventory

The Asset Inventory is a unified view of all your cloud resources across every connected integration. Resources from AWS, GCP, Azure, and any other synced provider appear in a single inventory with consistent schemas, searchable attributes, and organized categories.

How It Works

After you set up integrations and run a sync, your cloud resources are normalized into a common schema and loaded into the Asset Inventory. The inventory updates after each sync, so it reflects the latest state of your infrastructure.

The Asset Inventory has three main areas:

  • Left sidebar: browse resources by category
  • Main table: view, sort, and filter resources
  • Detail panel: inspect individual resource attributes (opens when you click a row)

Resource Categories

The left sidebar organizes assets into categories:

  • Compute: EC2 instances, VMs, managed instance groups
  • Storage: S3 buckets, disks, blob storage
  • Networking: VPCs, subnets, load balancers, DNS
  • Databases: RDS, Cloud SQL, Cosmos DB
  • Containers: EKS, GKE, AKS clusters and workloads
  • Identity: IAM users, roles, service accounts
  • Serverless: Lambda functions, Cloud Functions
  • Logging: CloudTrail, audit logs
  • Threat detection: GuardDuty, Security Command Center
  • And more (Administration, Batch Processing, Queues, Endpoint Management, Vulnerability Management)

Select All Resources to view everything, or select a category to filter to those resource types. Each category shows the total resource count. You can also search category names using the search field at the top of the sidebar.

Search, Filters, Grouping

The top part of the Asset Inventory allows you to search, filter, and group resources by their properties.

To filter resources by their properties, click the Filter by and select one of the properties, an operator, and the available values. You can add additional filters and change the logical operator (AND/OR) between them by clicking the logical operator in the input box. Combined filter with a specified account name and region

To perform a full-text search, type your search query in the designated input.

full text search input

The full text search input takes an arbitrary string and searches for its existence in the cloud resources and their metadata (including their JSON columns).

You can use logical operators in the full text search input as well. Use backslash \ to escape special characters that have other meaning, such as asterisk * .

Example full text search queries:

  • "picture-service": finds all resources with the “picture-service” in one of the indexed columns.
  • "picture-service" OR "auth-service": finds all resources with the “picture-service” or “auth-service” in one of the indexed columns.
  • "test" AND NOT "latest": finds all resources with “test” but not containing “latest”.

Saved Filters

Save frequently used filters for reuse. Saved filters can be shared with your team and reapplied from the saved filters panel. They are also available via the REST API and can be used as scopes when creating policies.

Resource Details

Click any row in the table to open the detail panel on the right side. The detail view has three tabs:

  • Resource details: the resource’s cloud provider, name, type, region, CloudQuery ID, last sync time, tags, and custom column values
  • Related resources: resources connected to the selected asset based on table relationships, with the ability to filter by resource type
  • Insights: Insights findings that affect this resource, so you can see security, cost, and compliance issues in context

Customizing Columns

Click the column settings icon to show or hide columns in the table. You can:

  • Toggle individual columns on or off
  • Show or hide all columns at once
  • Restore the default column set

Default columns include: Cloud, Resource Type, Account, Name, Region, and Tags. Custom columns appear alongside the defaults and can be toggled the same way.

Exporting Data

Use the export button to download the current filtered and sorted view as a file.

Going Deeper with SQL

For queries that go beyond the search syntax (joins across tables, aggregations, or complex conditions), use the SQL Console to write ClickHouse SQL directly against your synced data.

To analyze your inventory for security risks, compliance gaps, and cost optimization opportunities, use Insights.

  • SQL Console: run ClickHouse SQL queries against your synced data
  • Policies: define detective controls that continuously evaluate your resources
  • Reports: build visualizations and dashboards from your asset data
  • Insights: analyze your inventory for security risks, compliance gaps, and cost optimization
  • Custom columns: add computed or enrichment columns to the inventory

Next Steps

  • SQL Console - Write advanced SQL queries against your cloud data
  • Policies - Create rules to monitor asset compliance
  • Alerts - Get notified when asset conditions are met
Was this page helpful?

Last updated on

Custom ContextInsights