dougdog

On Prem AD groups v Azure AD groups in Hybrid

We are running Active Directory hybrid with Azure.
I'm trying to find out the pros and cons of using AD on-prem groups v AD Azure groups.
What are the main differences?
How can end users manage each group, etc.?
Microsoft 365, Active Directory, Azure

timgreen7077

Depending on your setup, if you are using Azure AD Connect for your hybrid setup, the on-prem groups are managed exclusively on-prem and synced to Azure AD or O365. Groups created in Azure are only in Azure and are not synced back on-prem unless you have writeback enabled, which I don't recommend. So any changes to groups created in Azure will stay only in Azure. Your synced users can also be added to Azure-created groups with no problem, but they will have to be added and managed in Azure.

We create all groups on-prem and allow them to sync to Azure; that way we still have central management for our groups.

I do have groups created in Azure, but I created these groups in Azure because the users I have added to those groups are O365 users only and they have no on-prem account.

It's easier to create groups on-prem, manage them on-prem, and just allow AD Connect to sync those groups to Azure AD. That's my opinion anyway.
dougdog

ASKER

How can I allow end users to manage group membership for both on-prem and Azure?
Is one method easier than the other?
timgreen7077

I would suggest creating the group on-prem and letting it sync with Azure, and any changes to the group should be done on-prem. That's the easiest method to me. Whoever you give permissions to modify those groups will make changes to the group on-prem.
dougdog

ASKER

Do they need the AD snap-in?
If it is a cloud group, is it easier to give a user permission to update groups?
timgreen7077

I told you what I think is easier, so it's your choice now. No snap-in required. Just permissions. Good luck.
dougdog

ASKER

But I'm asking how I can give an end user rights to add/remove members from the group using both on-prem or Azure.
Do I need to give them access to AD to modify group membership?
And do I need to give them access to Azure to modify groups?
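
One way the "just permissions" approach from the thread can look for an on-prem group, as an added example that is not part of the original posts: an administrator grants a single user write access to only the `member` attribute of one group, then lists who holds that right. The domain `CONTOSO`, group `Sales-Team` and user `jdoe` are hypothetical, and the RSAT ActiveDirectory module is assumed on the admin workstation.

```powershell
# Added example: least-privilege delegation of membership management for ONE on-prem group.
# Hypothetical names: domain CONTOSO, group "Sales-Team", delegate "jdoe".
# Run as an account that may edit the group's ACL; requires the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

$groupName = 'Sales-Team'       # hypothetical group
$delegate  = 'CONTOSO\jdoe'     # hypothetical end user who will manage membership

# Schema GUID of the "member" attribute, used to filter ACL entries below.
$memberAttributeGuid = [guid]'bf9679c0-0de6-11d0-a285-00aa003049e2'

$group = Get-ADGroup -Identity $groupName
$dn    = $group.DistinguishedName

# Grant Write Property (WP) on the "member" attribute only, on this group only.
# The delegate gets no rights over other attributes, other groups or the OU.
dsacls $dn /G "${delegate}:WP;member" | Out-Null

# Record the delegate as the group's manager. ManagedBy is informational on its own;
# the access control entry added above is what actually allows the change.
Set-ADGroup -Identity $group -ManagedBy (Get-ADUser -Identity 'jdoe')

# Review step: list every principal allowed to write "member" on this group,
# whether through the attribute-specific right or a broader grant that covers
# all properties (ObjectType is the empty GUID in that case).
$writeProperty = [System.DirectoryServices.ActiveDirectoryRights]::WriteProperty
(Get-Acl -Path "AD:\$dn").Access |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($_.ActiveDirectoryRights -band $writeProperty) -and
        ($_.ObjectType -eq $memberAttributeGuid -or $_.ObjectType -eq [guid]::Empty)
    } |
    Select-Object IdentityReference, ActiveDirectoryRights, IsInherited |
    Sort-Object IdentityReference
```

Membership changes the delegate makes on-prem reach Azure AD through the normal sync described earlier in the thread.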