WAFV2 / Client / get_rate_based_statement_managed_keys
get_rate_based_statement_managed_keys#
- WAFV2.Client.get_rate_based_statement_managed_keys(**kwargs)#
- Retrieves the keys that are currently blocked by a rate-based rule instance. The maximum number of managed keys that can be blocked for a single rate-based rule instance is 10,000. If more than 10,000 addresses exceed the rate limit, those with the highest rates are blocked. - For a rate-based rule that you’ve defined inside a rule group, provide the name of the rule group reference statement in your request, in addition to the rate-based rule name and the web ACL name. - WAF monitors web requests and manages keys independently for each unique combination of web ACL, optional rule group, and rate-based rule. For example, if you define a rate-based rule inside a rule group, and then use the rule group in a web ACL, WAF monitors web requests and manages keys for that web ACL, rule group reference statement, and rate-based rule instance. If you use the same rule group in a second web ACL, WAF monitors web requests and manages keys for this second usage completely independent of your first. - See also: AWS API Documentation - Request Syntax - response = client.get_rate_based_statement_managed_keys( Scope='CLOUDFRONT'|'REGIONAL', WebACLName='string', WebACLId='string', RuleGroupRuleName='string', RuleName='string' ) - Parameters:
- Scope (string) – - [REQUIRED] - Specifies whether this is for an Amazon CloudFront distribution or for a regional application. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, a Amazon Cognito user pool, or an App Runner service. - To work with CloudFront, you must also specify the Region US East (N. Virginia) as follows: - CLI - Specify the Region when you use the CloudFront scope: - --scope=CLOUDFRONT --region=us-east-1.
- API and SDKs - For all calls, use the Region endpoint us-east-1. 
 
- WebACLName (string) – - [REQUIRED] - The name of the web ACL. You cannot change the name of a web ACL after you create it. 
- WebACLId (string) – - [REQUIRED] - The unique identifier for the web ACL. This ID is returned in the responses to create and list commands. You provide it to operations like update and delete. 
- RuleGroupRuleName (string) – The name of the rule group reference statement in your web ACL. This is required only when you have the rate-based rule nested inside a rule group. 
- RuleName (string) – - [REQUIRED] - The name of the rate-based rule to get the keys for. If you have the rule defined inside a rule group that you’re using in your web ACL, also provide the name of the rule group reference statement in the request parameter - RuleGroupRuleName.
 
- Return type:
- dict 
- Returns:
- Response Syntax - { 'ManagedKeysIPV4': { 'IPAddressVersion': 'IPV4'|'IPV6', 'Addresses': [ 'string', ] }, 'ManagedKeysIPV6': { 'IPAddressVersion': 'IPV4'|'IPV6', 'Addresses': [ 'string', ] } } - Response Structure - (dict) – - ManagedKeysIPV4 (dict) – - The keys that are of Internet Protocol version 4 (IPv4). - IPAddressVersion (string) – - The version of the IP addresses, either - IPV4or- IPV6.
- Addresses (list) – - The IP addresses that are currently blocked. - (string) – 
 
 
- ManagedKeysIPV6 (dict) – - The keys that are of Internet Protocol version 6 (IPv6). - IPAddressVersion (string) – - The version of the IP addresses, either - IPV4or- IPV6.
- Addresses (list) – - The IP addresses that are currently blocked. - (string) – 
 
 
 
 
 - Exceptions - WAFV2.Client.exceptions.WAFInternalErrorException
- WAFV2.Client.exceptions.WAFInvalidParameterException
- WAFV2.Client.exceptions.WAFNonexistentItemException
- WAFV2.Client.exceptions.WAFInvalidOperationException