Default merge and branch push permissions for all projects in a group

My team has a subgroup that hosts all of our microservice repositories. We have dozens of projects and would like to extend the ability to our developers to create their own repositories as needed. Unfortunately, our repos must be compliant with our company’s merge and push permission schemes. This seems like a simple task to set up default push rules, merge permissions, reviewer requirements, etc for all projects created in a group, but for the life of me, I cannot find a way to make that happen!

Is this something that is possible, or will I be forced to limit repository creation?