You can restrict the creation of Components and Multimedia Components for a given group by removing the group's Read Permissions on the folders containing Schemas. The same approach can limit the selection options for Templates or Bundle Schema selection.
A mnemonic I've used is: "I may have the Right to Free Speech, but not Permission to yell in your living room."
In Tridion Sites terms, a user may have the Right to Manage Components, but not Permission to create them in a given folder.
Bundle Management is a right set at the Publication level--it gives/removes the ability to create Bundles. However, in practice, organizations might lock down things in ways that make sense for them. For example, the main folder structure might be restricted, but select teams could organize their own folders or perhaps make Bundles.
I summarized the authorization model in this post:
+1 to Rick's question and points, though maybe I can add one way to limit Multimedia (and regular) Components.