The person who decides a policy for a computer system may not be the same person who creates an object that embodies the policy for the computer system. Furthermore, the person who creates, manages, or decides the object may not be the same person who has permission to configure the computer system to apply the policy embodied by the object. Granting permission to the policy decider or the policy object creator to configure the computer system to enforce the policy may weaken the security of the computer system, increase the risk of performance issues from poor configuration choices, violate regulatory or corporate policy, or have other potential adverse consequences.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one exemplary technology area where some embodiments described herein may be practiced.