Given the security requirements for the InfraSec group, you need to propose an appropriate solution. Specifically, those requirements mandate that only members of the group named InfraSec should have the authority to configure network security groups (NSGs) as well as instances of Azure Firewall, Web Application Firewall (WAF), and Azure Front Door within the subscription labeled Sub1. What method or tool should be employed to delegate this access control?