Hi,
From my understanding, you would like users to be able to delete individual resources within a resource group, but not the resource group itself. Please correct me if my understanding is wrong.
Two potential techniques to achieve your goal:
Create "Dummy" resource with Delete lock--with this technique you create one resource inside the group and apply a Delete lock to it. You want to use a resource that doesn't have an associated cost and that you don't plan to use. Having this resource inside of the group will prevent the group itself from being deleted, but will not prevent the other resources in the group from being deleted.
For example, say you have a Resource Group named "test-group". Inside of this group you create a Proximity Placement Group (PPG) named "delete-lock-ppg". On the Locks blade of the PPG, you create a new lock named "delete-lock" and select Delete for the lock type.
Once you have the above in place if you attempt to delete the resource group it will fail, however, if you attempt to delete other resources (besides the PPG) in the group it will succeed.
RBAC permissions--with this technique you assign users only Reader role to the resource group, and a higher Role, such as Contributor, to the resources within the group. This will allow users to delete individual resources within the group, but will block them if they attempt to delete the group itself, since they only have Read permission.
Downside of RBAC technique is having to assign permissions to all the individual resources in the group. Additionally, they would only have read rights to the group which may not be what you need since it would block some operations such as deploying new resources.
Please click Accept Answer and upvote if the above was helpful. If something is unclear or you need more details add a comment below.
Thanks.
-TP