It is incredibly inconvenient (and insecure) to require admin rights over the whole Docker org to be able to create repos.
Can we add a sub-admin/co-owner type group that allows its members to only create and manage repos and teams, without any access to the organization’s security settings and billing info (not to mention adding new paid users without asking)?
OR just allow all members to create and manage their repositories?

It would be beneficial to introduce a sub-admin or co-owner type group that grants its members the ability to create and manage repositories and teams. This group should be designed to ensure the safety and security of the organization by restricting access to sensitive information such as security settings, billing details, and the ability to add new paid users without authorization.

Alternatively, another approach could be to allow all members of the organization to create and manage their own repositories. This would distribute the responsibility and empower individual members to have control over their own projects without compromising the overall security of the organization.

By implementing either of these solutions, Docker can provide a more flexible and secure environment that meets the needs of its users while maintaining the security designed to keep safe.