Box 1: Admin3 only -
The Contributor role has the necessary write permissions to create the resource group.
Box 2: Admin4 only -
You need Owner level access to be able to manage permissions. The Contributor role can do most things but cannot modify permissions on existing objects.