docs: add context-aware example

Signed-off-by: Fabrizio Sestito <[email protected]>

rfc/0020-policy-group.md

@@ -57,7 +57,7 @@ spec:
       operations:
         - CREATE
         - UPDATE
-
+  backgroundAudit: true
   policies:
     - name: sigstore_pgp
       module: ghcr.io/kubewarden/policies/verify-image-signatures:v0.2.8
@@ -84,6 +84,40 @@ spec:
   message: "The policy group is rejected."
 ```
 
+### Audit
+
+Similar to the `AdmissionPolicy` and `ClusterAdmissionPolicy` CRDs, the `backgroundAudit` field will be used to specify if the policy group should be used or skipped when performing audit checks.
+
+### Context-aware rules
+
+The `AdmissionPolicyGroup` and `ClusterAdmissionPolicyGroup` CRDs support context-aware capabilities.
+The CRD will have [contextAwareResource](https://docs.kubewarden.io/reference/CRDs#contextawareresource) field to specify the resources tha the policy group si allowed to access at evaluation time.
+Note that the `contextAwareResource` field will be global for the policy group and will not be specified for each policy in the group.
+
+Example:
+
+````yaml
+apiVersion: policies.kubewarden.io/v1
+kind: ClusterAdmissionPolicyGroup # or AdmissionPolicyGroup
+metadata:
+  name: context-aware-group
+spec:
+    rules:
+      - apiGroups: [""]
+        apiVersions: ["v1"]
+        resources: ["pods"]
+        operations:
+            - CREATE
+            - UPDATE
+    policies:
+        # policies here
+    contextAwareResource:
+        - apiVersion: "v1"
+          kind: "Pod"
+    expression: "policy_1() && policy_2()"
+    message: "The policy group is rejected."
+```
+
 ### Expression language
 
 We will use [CEL](https://github.com/google/cel-go) as the expression language for the policy groups.
@@ -116,7 +150,7 @@ This is an example of the response that will be returned when the policy group i
     ]
   }
 }
-```
+````
 
 ### Reconciliation