Group specific permissions

We have a use case where a user can belong to multiple groups but we need to restrict the user to be an admin for one group but be a viewer for second group.

What’s the best way to implement this in KeyCloak?