8 min read

Expanded Search Enables Easy Creation of Custom Cloud Hava Diagrams

May 21, 2020


Hava is happy to announce the release of a significant enhancement to the search functions used to help you quickly locate cloud resources and create custom infrastructure diagrams.

Hava automates the creation and update of cloud infrastructure diagrams, security profiles and version control logs across multiple cloud vendors. 

Both the SaaS version and self hosted enterprise deployments of Hava allow you to track and create documentation of your AWS, GCP and Azure environments on the same diagrams thus reflecting the real world deployment of multi cloud hybrid network design.

Out of the box, Hava connects to your cloud accounts and produces a network map that is logically laid out by VPC or Virtual Network for each data source connected.

Very early in the development of Hava we were aware that clients needed the ability to segment and narrow down diagrams to show just the information related to a particular project or deployment.

As cloud infrastructure expanded and architecture started spanning multiple vendors, the need to pull in hybrid cloud designs also became apparent, as did the need to be able to quickly locate specific resources amongst the potentially tens of thousands of configured resources across larger accounts with potentially hundreds of connected data sources.

Enter Hava Search



The "Search" function built into Hava is a custom diagram builder. 

It finds all the resources that match your search criteria and creates a new 'custom' diagram on the fly that you can then view and discard, or save for future use.  Any saved custom diagrams are automatically updated (with version history) just like the auto generated infrastructure diagrams that are created when you first connect your cloud accounts to Hava.

The hava.io custom search feature has been available for a number of years, however the latest iteration has introduced new and more powerful operators and operands to enable granular inspection of your cloud environments.

Search Operators 

Joining queries with ‘and '

"And" allows you to join queries together to limit or expand the results returned.

Search_Andwill search for all resources that are EC2 Instances AND are within the VPC vpc-1234


Joining queries with ‘or '


will return resources within us-west-1 OR within us-west-2


Excluding matches with '-' (minus)

By adding a minus ( - ) before your search token you can remove any resources that match a query.


 will return resources that are in the VPC vpc-1234 and don’t have a name starting with ‘dev-’


Grouping queries with brackets

You can also group a set of tokens together to create more complex queries by surrounding them with brackets.


will return all resources within the VPC vpc-1234 that have the tag CostCenter with a value of either dev or test.


Doing a DEEP SEARCH using @

Sometimes you not only want to see the matched resources, but anything connected to them as well. You may want to find your instances but also see their load balancers without having to specify them. Or perhaps you want to see your ECS clusters as well as the instances they are running on.


 will return all instances, as well as connected resources such as load balancers and ECS clusters.

@CostCenter:dev and vpc:vpc-1234 will return all resources with the tag CostCenter and value dev that are in the VPC vpc-1234. It will then also return any resources connected to them as well on the resulting AWS VPC diagram

⚠️  Any resources returned with the Deep Search operator will be returned after the search is complete, and will not be matched against the query itself. If you search for a specific tag with the deep search operator it may return resources without that tag, for instance.



Complex Queries

Using these operators and tokens a range of complex queries can be created.


What you should get in this case is a diagram with two VPCs:

  • vpc-1234 containing any resources with a CostCenter of either dev or test and aren’t owned by Jim Smith

  • vpc-4567 containing all the databases within it, all the instances within it, and any resources connected to the instances.


Search Tokens


Returns anything with the matching IP

ip:  will match the exact IP

ip:10.1.*   will match the range


Returns anything with the matching name

name:MyInstance will match the exact name

name:My*   will match anything starting with ‘My’

name:”My Other Instance” will match a name with spaces or other special characters


Returns everything in the project - works for Google Cloud


Returns anything in the region - works for AWS, Azure, and Google Cloud.

region:us-west-1 or region:us-west-2


Returns everything in the resource_group - works for Azure


Returns anything in this source.


The source needs to be selected from the suggestion list.


Returns everything in the subnet - works for AWS, Azure and Google Cloud


Returns anything matching the type.

The type name needs to be selected from the suggestion list as the format needs to match allowed values.



Return everything within the Virtual Network for Azure


Search for everything in a VPC - works for Google Cloud and AWS

vpc:vpc-1234 will return everything in vpc-1234

vpc:vpc-1234 or vpc:vpc-5678 will return both VPCs

Any other value followed by ' : '   (Tags)

Any other token is considered a tag and works across AWS, Azure and Google Cloud

CostCenter:dev will return everything with the tag named CostCenter with the value dev

"aws:deployment:name”:”Test Deployment”  will handle tag names and values with spaces or special characters

Location:US* will search for a tag called Location with any values starting with US

The new hava search provides massive flexibility when you are looking to visualize your cloud environments. 

If this is the first time you have come across hava.io you can view a walk through video on the home page which will run you through automating your cloud infrastructure diagrams and editing Hava diagrams using draw.io

If you are already a valued customer, simply refreshing your dashboard will make the new enhanced search features available.

If you are not part of the Hava family yet and are looking after any AWS, Azure or Google Cloud infrastructure, you can take a free 14 day trial (no credit card required) and start reaping the benefits of automated cloud documentation, tracking changes via interactive version history and having access to a unique AWS security diagram that makes it extremely simple to spot vulnerabilities in your network design.



If you would like a personal (zero pressure) 1:1 demo of Hava, shoot an email to sales@hava.io or hit the button below to jump into a 14 day no obligation free trial.


Team Hava

Written by Team Hava

The Hava content team