Methods and procedures to protect network nodes in cloud-based telecommunication and enterprise networks
US-2024106833-A1 · Mar 28, 2024 · US
US12184647B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12184647-B2 |
| Application number | US-202218058198-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 22, 2022 |
| Priority date | Nov 22, 2022 |
| Publication date | Dec 31, 2024 |
| Grant date | Dec 31, 2024 |
Official abstract text for this publication.
Systems and methods are provided for creating and running an instance of a dynamic access control system (DACS). Trust providers may be defined in a trust broker of the DACS such that trust information associated with the trust providers can be used to create a custom data structure. Resources and resource groups may be defined in the DACS. Policies may be configured or coded in the DACS to map the custom data structure to resources or resource groups. Additionally, policies may be configured or coded in the DACS to route the data structure and request to network segments or to share them with other parties.
Opening claim text (preview).
What is claimed is:

1. A system comprising: computer-readable memory storing executable instructions; and at least one computing device in communication with the computer-readable memory and programmed by the executable instructions to: receive a first set of information that defines one or more trust providers, wherein the one or more trust providers provide information regarding at least: first identity information regarding a user requesting access to a network application available on a cloud provider network; and second identity information regarding a device of the user; receive a second set of information that defines one or more application groups, wherein each application group of the one or more application groups comprises one or more network applications available on the cloud provider network; create, based at least in part on the second set of information, the one or more application groups; receive a third set of information that defines a network application policy, wherein the network application policy comprises instructions to: determine, based at least in part on the first set of information, that the first identity information and second identity information map at least to: an access level of at least one application group of the one or more application groups; an access level of a network segment of the cloud provider network; a sharing option for sharing the first identity information and second identity information with a network firewall on the cloud provider network; or a denial of mapping to either the network segment or application group; and configure a dynamic access control system to implement the network application policy.

2. The system of claim 1, wherein the access level of the at least one application group is based at least in part on the first identity information comprising an employment role associated with the user.

3. The system of claim 1, wherein the access level of the network segment of the cloud provider network is based at least in part on the second identity information indicating the device of the user is a mobile device or a desktop computing device.

4. The system of claim 1, wherein the sharing option is based at least in part on the second identity information at least comprising a geolocation of the device of the user.

5. A computer-implemented method comprising: under control of a computing system associated with a cloud provider network, the computing system comprising one or more computer processors configured to execute specific instructions: receiving trust provider data specifying one or more items of trust information to be made available for use in controlling access to a network resource available on the cloud provider network, wherein the network resource is associated with a client of the cloud provider network; receiving, from a client computing system associated with the client, policy data associated with an access policy, wherein the policy data specifies one or more evaluations to be applied to the trust information, and wherein access determinations for the network resource are to be based on the one or more evaluations; and configuring an access control system on the cloud provider network to control access to the network resource based on the access policy.

6. The computer-implemented method of claim 5, wherein configuring the access control system to control access to the network resource based on the access policy comprises configuring the access control system to determine whether trust information associated with a request for the network resource satisfies one or more criteria, and wherein the request is sent to the network resource in response to determining the request satisfies the one or more criteria.

7. The computer-implemented method of claim 5, wherein configuring the access control system to control access to the network resource based on the access policy further comprises configuring the access control system to obtain trust information from a header of a request for the network resource, wherein the trust information comprises one of: device information regarding one or more characteristics of a device from which the request originated, or identity information regarding one or more characteristics of a user account associated with the request.

8. The computer-implemented method of claim 5, wherein receiving the policy data comprises receiving a definition of a transformation to be applied to a request for the network resource based on a result of an evaluation applied to trust information associated with the request.

9. The computer-implemented method of claim 5, wherein configuring the access control system based on the access policy comprises configuring the access control system to modify one of: a network endpoint to which a request for the network resource is to be sent, a routing path over which the request is to be sent, a route table to be used by a router to which the request is to be sent, or a network segment to which the request is to be sent.

10. The computer-implemented method of claim 5, wherein configuring the access control system based on the access policy comprises configuring the access control system to modify one of: a role of a user account from which a request for the network resource originated, or a security group to which the user account is assigned.

11. The computer-implemented method of claim 5, wherein configuring the access control system based on the access policy comprises configuring the access control system to apply an evaluation to a combination of different types of trust information, the combination comprising two or more of: device characteristic information, user identity information, location information, or risk score information.

12. The computer-implemented method of claim 5, further comprising causing presentation of a graphic user interface, wherein the graphic user interface comprises one or more user interface controls configured to receive input regarding a trust provider and an item of trust information, wherein receiving the trust provider data comprises receiving input via the one or more user interface controls.

13. The computer-implemented method of claim 5, further comprising causing presentation of a graphic user interface, wherein the graphic user interface comprises one or more user interface controls configured to receive input regarding an evaluation associated with the access policy, wherein receiving the policy data comprises receiving input via the one or more user interface controls.

14. A system comprising: computer-readable memory storing executable instructions; and one or more processors in communication with the computer-readable memory and programmed by the executable instructions to: receive trust provider data specifying one or more items of trust information to be made available for use in controlling access to a network resource available on a network; receive policy data associated with an access policy, wherein the policy data specifies one or more evaluations to be applied to the trust information, and wherein access determinations for the network resource are to be based on the one or more evaluations; and configure an access control system on the network to control access to the network resource based on the access policy.

15. The system of claim 14, wherein to configure the access control system to control access to the network resource based on the access policy, the one or more processors are further programmed by the executable instructions to configure the access control system to determine whether trust informatio
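The claims describe a policy engine that reads trust information from request headers (claim 7), evaluates a combination of device, identity, location and risk-score information (claim 11), and maps the result to an application-group access level, a network segment, a firewall sharing option, or a denial (claims 1 to 4). The following is an added illustration of that evaluation flow, not code from the patent or its assignee; the header names, role and device values, and the risk threshold are all constructed for the example.

```python
"""Illustrative dynamic access control (DACS) policy evaluation.

Added example modelled on the claim text above; header names,
role/device/geo values and the risk threshold are constructed.
"""
from dataclasses import dataclass

# Constructed header names carrying trust information (claim 7).
TRUST_HEADERS = {
    "user_role": "x-trust-user-role",
    "device_type": "x-trust-device-type",
    "geo": "x-trust-geo",
    "risk_score": "x-trust-risk-score",
}
RISK_DENY_THRESHOLD = 80  # constructed cut-off for the risk score


@dataclass(frozen=True)
class TrustInfo:
    user_role: str
    device_type: str
    geo: str
    risk_score: int


def extract_trust_info(headers):
    """Build TrustInfo from request headers. Any missing or malformed
    item returns None so the policy fails closed instead of defaulting."""
    lowered = {k.lower(): v for k, v in headers.items()}
    try:
        return TrustInfo(
            user_role=lowered[TRUST_HEADERS["user_role"]],
            device_type=lowered[TRUST_HEADERS["device_type"]],
            geo=lowered[TRUST_HEADERS["geo"]],
            risk_score=int(lowered[TRUST_HEADERS["risk_score"]]),
        )
    except (KeyError, ValueError):
        return None


def evaluate_policy(trust):
    """Combine several trust types (claim 11) into one decision mapping
    to the outcomes listed in claim 1; absent or risky trust is denied."""
    if trust is None or trust.risk_score >= RISK_DENY_THRESHOLD:
        return {"decision": "deny"}
    # Employment role sets the application-group access level (claim 2).
    level = "full" if trust.user_role == "finance-admin" else "read-only"
    # Device type selects the network segment (claim 3).
    segment = "corp-segment" if trust.device_type == "desktop" else "mobile-segment"
    # Geolocation decides whether identity is shared with the firewall (claim 4).
    share = trust.geo not in ("US", "CA")
    return {"decision": "allow", "access_level": level,
            "segment": segment, "share_with_firewall": share}
```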
Access control lists [ACL] · CPC title
Multiple levels of security · CPC title
Entity profiles · CPC title
Grouping of entities · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title