Use Case:

Currently, the Project Admin role in Bitbucket Data Center is a single, all-or-nothing permission. Any user granted Project Admin can:

• Change the project name, description, and key
• This is a significant concern for enterprise organizations with strict governance and compliance requirements, where project identity (name, key, description) and access control (permissions) must be managed centrally.

Current Workaround:

Customers are using ScriptRunner event listeners to intercept and cancel project modification events.

Proposed Solution:

Introduce granular sub-permissions or policies under the Project Admin role, allowing Global/System Admins to control which actions Project Admins can perform, 
Add global policies under Administration → Global Permissions → Policies to control:

• Who can modify the project name/description/key
• Who can delete a project
• Who can modify project-level permissions