- Type: Suggestion
- Resolution: Unresolved
- Component/s: Administration - Global Permissions
Description:
We would like to request a new feature in Atlassian Bitbucket that allows a user account to be granted administrative or write access to all projects and repositories on the platform, without assigning Bitbucket Administrator (global admin) privileges.
Background & Use Case:
Currently, the only way to provide a user with the ability to administer or write to all projects and repositories is to grant them Bitbucket Administrator access. However, this also gives them the ability to modify platform-wide settings, manage users, and make configuration changes that go beyond project/repository administration. This creates unnecessary risk and does not align with the principle of least privilege.
There are several scenarios where organizations need to grant a user or service account the ability to:
- Administer all projects and repositories (e.g., manage permissions, create/delete repositories, configure branch permissions, etc.)
- Write to all repositories (e.g., for automation, migration, or integration purposes)
Feature Request:
Introduce a new permission level or role that can be assigned to a user or group, which allows:
- Administrative or write access to all projects and repositories on the Bitbucket instance
- Without granting full Bitbucket Administrator (global admin) privileges or access to platform-wide configuration
Benefits:
- Reduces security risk by limiting the scope of elevated privileges
- Supports automation and integration use cases that require broad repository access, but not platform administration
- Aligns with best practices for privileged access management and compliance
Suggested Implementation:
- A new global role (e.g., "Platform Project Admin" or "Global Write Access") that can be assigned via the Bitbucket UI or REST API
- This role would automatically grant project admin or write permissions to all current and future projects/repositories, but would not allow access to global admin settings or platform configuration