Using transient processing containers for security authorization

What is claimed is: 1. A system, comprising: at least one processor; and memory including instructions that, when executed by the at least one processor, cause the system to: receive, from a customer, a request for access to a resource in an electronic environment, the electronic environment being provided at least in part by a resource provider, the customer having an account with the resource provider; determine, based at least in part on information from the request, a policy corresponding to the request; determine, using the policy, an authorization function to be used in making an authorization decision for the request, the authorization function provided by the customer; determine an instance of compute capacity, in the electronic environment, to be used in executing the authorization function; allocate, by the resource provider, the instance of compute capacity on behalf of the customer; cause the instance of compute capacity to generate the authorization decision using the authorization function and context for the request, the context determined based at least in part upon the information from the request; receive, from the instance of compute capacity, the authorization decision, the authorization decision indicating that the request for access is authorized; cause the access to the resource to be provided for the request; and de-allocate the instance of compute capacity. 2. The system of claim 1 , wherein the instructions when executed further cause the system to: obtain the instance of compute capacity from one of (a) a first pool of compute capacity actively associated with a user associated with the request or (b) a second pool of compute capacity being unassociated with the user or another user of the electronic environment. 3. The system of claim 2 , wherein the instructions when executed further cause the system to: determine, from the second pool of compute capacity, a compute container containing one or more software objects capable of supporting execution of the authorization function. 4. The system of claim 1 , wherein the instructions when executed further cause the system to: cause the instance of compute capacity to be allocated for the purpose of generating the authorization decision using the authorization function and de-allocated after generating the authorization decision, without being utilized for any other authorization decision. 5. A computer-implemented method, comprising: receiving, from a user, a request requiring access to at least one resource in an electronic environment, the at least one resource being provided by a resource provider; determining an authorization function corresponding to the request based on a policy corresponding to the request; invoking, on behalf of the user, a compute instance in the electronic environment, the compute instance configured to execute the authorization function using context information for the request; receiving, from the compute instance, a decision regarding an authorization of the access to the at least one resource; enforcing the decision with respect to the access; and de-allocating the compute instance after enforcing the decision with respect to the access. 6. The computer-implemented method of claim 5 , further comprising: the compute instance being allocated specifically for executing the authorization function. 7. The computer-implemented method of claim 5 , wherein the authorization function is received from the user or a third party provider. 8. The computer-implemented method of claim 5 , further comprising: analyzing a first pool of active compute instances to determine compute capacity available to execute the authorization function; and selecting the compute instance from the first pool of active compute instances or a second pool of pre-warmed compute instances based at least in part upon the compute capacity. 9. The computer-implemented method of claim 8 , further comprising: pre-warming one or more compute instances in the second pool of pre-warmed compute instances, the pre-warming including determining at least an operating system and software necessary to execute one or more authorization functions on behalf of one or more users of the electronic environment. 10. The computer-implemented method of claim 5 , wherein enforcing the decision includes granting access for an authorized decision and denying access for an unauthorized decision. 11. The computer-implemented method of claim 5 , wherein enforcing the decision includes granting access but generating a notification regarding the access. 12. The computer-implemented method of claim 5 , wherein the compute instance is stateless. 13. The computer-implemented method of claim 12 , further comprising: obtaining, from a data store, inbound state information for use in executing the authorization function; receiving outbound state information from the compute instance after executing the authorization function; and storing the outbound state information to a data store. 14. The computer-implemented method of claim 5 , wherein the request is a call received to an application programming interface (API). 15. The computer-implemented method of claim 5 , further comprising: obtaining the authorization function from a third party; and providing, on behalf of the user, compensation to the third party for use of the authorization function. 16. The computer-implemented method of claim 15 , wherein the compensation includes funds from an account of the user with one of the resource provider or the third party. 17. A non-transitory computer-readable storage medium storing instructions that, when executed by at least one processor of a computer system, cause the computer system to: receive, from a user, a request for access to at least one resource in an electronic environment, the electronic environment provided at least in part by a resource provider; determine an authorization function corresponding to the request based on a policy corresponding to the request; invoke, on behalf of the user, a compute instance in the electronic environment, the compute instance invoked to execute the authorization function using context information for the request; receive, from the compute instance, a decision regarding an authorization of the access to the at least one resource; enforce the decision with respect to the access; and de-allocate the compute instance after enforcing the decision with respect to the access. 18. The non-transitory computer-readable storage medium of claim 17 , wherein the instructions when executed further cause the computer system to: determine a transient compute container in a virtual machine to be allocated as the compute instance, the transient compute container configured specifically to execute the authorization function then be de-allocated. 19. The non-transitory computer-readable storage medium of claim 17 , wherein the authorization function is received from the user or a third party provider. 20. The non-transitory computer-readable storage medium of claim 17 , wherein the instructions when executed further cause the computer system to: obtain inbound state information for use by the authorization function in generating the decision; receive outbound state information from the compute instance after generating the decision; and store the outbound state information to a data store.