For cloud-based outsourcing of confidential data, various techniques based on cryptography or data-fragmentation have been proposed, each with its own tradeoff between confidentiality, performance, and the set of supported queries. However, it is complex and error-prone to select appropriate techniques to individual scenarios manually. In this paper, we present a policy-based approach consisting of a domain specific language and a policy-transformator to automatically generate scenariospecific software adapters called mediators that set up data outsourcing and govern data access. Mediators combine stateof-the-art confidentiality techniques to ensure a user-specified level of confidentiality while still offering efficient data access. Thus, our approach simplifies data outsourcing by decoupling policy decisions from their technical implementation and realizes appropriate tradeoffs between confidentiality and efficiency.