Thanks for asking question! The best way to apply access control for all resources in a resource group is through RBAC, Role-based access control (RBAC) helps you manage who has access to Azure resources, what they can do with those resources, and what areas they have access to. Using RBAC, you can segregate duties within your team and grant only the amount of access to users that they need to perform their jobs. Instead of giving everybody unrestricted permissions in your Azure subscription or resources, you can allow only certain actions at a particular scope.
Also, when you grant access at a parent scope, those permissions are inherited to the child scopes.
You may refer to this Tutorial: Grant a user access to Azure resources using RBAC and the Azure portal