Issue Summary

For users with managed accounts, when company is worries about  their IP to be cloned and posted as public. The Admin of the Organization would like to have a granular control over: 

1. who can create a repository in their own space outside of company shared one
2. what type of repository (public/private) the user can create
3. Prevent the user from posting anything publicly on Bitbucket
4. Allow Admins to see which user has App Password uploaded to their Bitbucket account
5. Which user has SSH keys uploaded to their Bitbucket Account.
6. Visibility into when the managed user last accessed Bitbucket Cloud workspace
7. Visibility into when the managed user last made changes to their Bitbucket Cloud workspace
8. Prevent managed accounts to create workspaces
9. Ability for admins to control who can use PAT/WAT/RATs for accessing workspace content
10. Ability for admins to restrict the use of app passwords from accessing private content of the workspace
11. Ability for admins to restrict the use of SSH keys from accessing the private content of the workspace

Update:

1. Org Admins should be able to check which workspaces their managed users have access to.

Steps to Reproduce

NA

Expected Results

To prevent any user with a managed account to create a public repo against their owned workspace

Actual Results

As of right now, we do not have a way to prevent users with managed accounts from creating individual workspace and publish any data on there, public or private

Workaround

none