You have an Azure subscription with a resource group named RG1. You need to prevent users from being able to delete the RG1 resource group, modify the resources within RG1, or delete any resources from RG1.

What should you do?