:doc:`WAFV2 <../../wafv2>` / Client / get_rate_based_statement_managed_keys

*************************************
get_rate_based_statement_managed_keys
*************************************



.. py:method:: WAFV2.Client.get_rate_based_statement_managed_keys(**kwargs)

  

  Retrieves the IP addresses that are currently blocked by a rate-based rule instance. This is only available for rate-based rules that aggregate solely on the IP address or on the forwarded IP address.

   

  The maximum number of addresses that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked.

   

  For a rate-based rule that you've defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name.

   

  WAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/wafv2-2019-07-29/GetRateBasedStatementManagedKeys>`_  


  **Request Syntax**
  ::

    response = client.get_rate_based_statement_managed_keys(
        Scope='CLOUDFRONT'|'REGIONAL',
        WebACLName='string',
        WebACLId='string',
        RuleGroupRuleName='string',
        RuleName='string'
    )
    
  :type Scope: string
  :param Scope: **[REQUIRED]** 

    Specifies whether this is for a global resource type, such as a Amazon CloudFront distribution. For an Amplify application, use ``CLOUDFRONT``.

     

    To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows:

     

    
    * CLI - Specify the Region when you use the CloudFront scope: ``--scope=CLOUDFRONT --region=us-east-1``.
     
    * API and SDKs - For all calls, use the Region endpoint us-east-1.
    

    

  
  :type WebACLName: string
  :param WebACLName: **[REQUIRED]** 

    The name of the web ACL. You cannot change the name of a web ACL after you create it.

    

  
  :type WebACLId: string
  :param WebACLId: **[REQUIRED]** 

    The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete.

    

  
  :type RuleGroupRuleName: string
  :param RuleGroupRuleName: 

    The name of the rule group reference statement in your web ACL. This is required only when you have the rate-based rule nested inside a rule group.

    

  
  :type RuleName: string
  :param RuleName: **[REQUIRED]** 

    The name of the rate-based rule to get the keys for. If you have the rule defined inside a rule group that you're using in your web ACL, also provide the name of the rule group reference statement in the request parameter ``RuleGroupRuleName``.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'ManagedKeysIPV4': {
              'IPAddressVersion': 'IPV4'|'IPV6',
              'Addresses': [
                  'string',
              ]
          },
          'ManagedKeysIPV6': {
              'IPAddressVersion': 'IPV4'|'IPV6',
              'Addresses': [
                  'string',
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **ManagedKeysIPV4** *(dict) --* 

        The keys that are of Internet Protocol version 4 (IPv4).

        
        

        - **IPAddressVersion** *(string) --* 

          The version of the IP addresses, either ``IPV4`` or ``IPV6``.

          
        

        - **Addresses** *(list) --* 

          The IP addresses that are currently blocked.

          
          

          - *(string) --* 
      
    
      

      - **ManagedKeysIPV6** *(dict) --* 

        The keys that are of Internet Protocol version 6 (IPv6).

        
        

        - **IPAddressVersion** *(string) --* 

          The version of the IP addresses, either ``IPV4`` or ``IPV6``.

          
        

        - **Addresses** *(list) --* 

          The IP addresses that are currently blocked.

          
          

          - *(string) --* 
      
    
  
  **Exceptions**
  
  *   :py:class:`WAFV2.Client.exceptions.WAFInternalErrorException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFInvalidParameterException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFNonexistentItemException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFInvalidOperationException`

  
  *   :py:class:`WAFV2.Client.exceptions.WAFUnsupportedAggregateKeyTypeException`

  