return auditinternal.RequestAuditConfig{
				Level:             rule.Level,
				OmitStages:        rule.OmitStages,
				OmitManagedFields: isOmitManagedFields(&rule, p.OmitManagedFields),
			}
		}
	}

	return auditinternal.RequestAuditConfig{
		Level:             DefaultAuditLevel,
		OmitStages:        p.OmitStages,
		OmitManagedFields: p.OmitManagedFields,
	}
}

	}
	successCases = append(successCases, audit.Policy{})                         // Empty policy is valid.
	successCases = append(successCases, audit.Policy{OmitStages: []audit.Stage{ // Policy with omitStages
		audit.Stage("RequestReceived")}})
	successCases = append(successCases, audit.Policy{Rules: validRules}) // Multiple rules.

	for i, policy := range successCases {
		if errs := ValidatePolicy(&policy); len(errs) != 0 {

			return
		}

		if !ac.Enabled() {
			handler.ServeHTTP(w, req)
			return
		}
		ev := &ac.Event

		ctx := req.Context()
		omitStages := ac.RequestAuditConfig.OmitStages

		ev.Stage = auditinternal.StageRequestReceived
		if processed := processAuditEvent(ctx, sink, ev, omitStages); !processed {
			audit.ApiserverAuditDroppedCounter.WithContext(ctx).Inc()

	if in.Rules != nil {
		in, out := &in.Rules, &out.Rules
		*out = make([]PolicyRule, len(*in))
		for i := range *in {
			(*in)[i].DeepCopyInto(&(*out)[i])
		}
	}
	if in.OmitStages != nil {
		in, out := &in.OmitStages, &out.OmitStages
		*out = make([]Stage, len(*in))
		copy(*out, *in)
	}
	return
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

	Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`

	// OmitStages is a list of stages for which no events are created. Note that this can also
	// be specified per rule in which case the union of both are omitted.
	// +optional
	// +listType=atomic
	OmitStages []Stage `json:"omitStages,omitempty" protobuf:"bytes,3,rep,name=omitStages"`

	// OmitManagedFields indicates whether to omit the managed fields of the request

func autoConvert_v1_Policy_To_audit_Policy(in *Policy, out *audit.Policy, s conversion.Scope) error {
	out.ObjectMeta = in.ObjectMeta
	out.Rules = *(*[]audit.PolicyRule)(unsafe.Pointer(&in.Rules))
	out.OmitStages = *(*[]audit.Stage)(unsafe.Pointer(&in.OmitStages))
	out.OmitManagedFields = in.OmitManagedFields
	return nil
}

// Convert_v1_Policy_To_audit_Policy is an autogenerated conversion function.

)

// ValidatePolicy validates the audit policy
func ValidatePolicy(policy *audit.Policy) field.ErrorList {
	var allErrs field.ErrorList
	allErrs = append(allErrs, validateOmitStages(policy.OmitStages, field.NewPath("omitStages"))...)
	rulePath := field.NewPath("rules")
	for i, rule := range policy.Rules {
		allErrs = append(allErrs, validatePolicyRule(rule, rulePath.Index(i))...)
	}
	return allErrs
}

	if in.Rules != nil {
		in, out := &in.Rules, &out.Rules
		*out = make([]PolicyRule, len(*in))
		for i := range *in {
			(*in)[i].DeepCopyInto(&(*out)[i])
		}
	}
	if in.OmitStages != nil {
		in, out := &in.OmitStages, &out.OmitStages
		*out = make([]Stage, len(*in))
		copy(*out, *in)
	}
	return
}

// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

	if m.OmitManagedFields {
		dAtA[i] = 1
	} else {
		dAtA[i] = 0
	}
	i--
	dAtA[i] = 0x20
	if len(m.OmitStages) > 0 {
		for iNdEx := len(m.OmitStages) - 1; iNdEx >= 0; iNdEx-- {
			i -= len(m.OmitStages[iNdEx])
			copy(dAtA[i:], m.OmitStages[iNdEx])
			i = encodeVarintGenerated(dAtA, i, uint64(len(m.OmitStages[iNdEx])))
			i--
			dAtA[i] = 0x1a
		}
	}
	if len(m.Rules) > 0 {

type RequestAuditConfig struct {
	// Level at which the request is being audited at
	Level audit.Level

	// OmitStages is the stages that need to be omitted from being audited.
	OmitStages []audit.Stage

	// OmitManagedFields indicates whether to omit the managed fields of the request
	// and response bodies from being written to the API audit log.
	OmitManagedFields bool