how to write a Custom Rate Limiting Policy in wso2 api manager(3.2.0) admin portal to block all request comes except some IP addresses to call a specific resource in rest api and also what I fill in key template section?
The easiest way is to create a Custom Mediation sequence(API Specific policy) and use something like the Throttle Mediator to block any IPs. You can add the policy per resource or for the entire API.
Update
Just observed that you are using APIM 3.2. Here is the relevant document for 3.2.0. But in 3.2.0 you can't apply the policy per resource. But in your custom mediation flow you can check the resource path and then apply the throttle mediator. For this you can use the Filter Mediator. You should be able to read the resource path with the following property.
<property name="ContextPath" expression="$axis2:REST_URL_POSTFIX" scope="axis2"/>