Whether it's overkill or not depends on your use cases and your risk assessment. It sounds like you're describing Role-based Access Control (RBAC). RBAC is a popular method to help enable segregation of duties and regulatory compliance.
Access control based on user roles (i.e., a collection of access authorizations a user receives based on an explicit or implicit assumption of a given role). Role permissions may be inherited through a role hierarchy and typically reflect the permissions needed to perform defined functions within an organization. A given role may apply to a single individual or to several individuals.
I'm assuming you mean "doable with groups in sudo". The short answer is yes but you need to be very careful how it's implemented. With sudo you are granting root-level access to commands to an individual or a group (role) that individual is in. sudo is very literal and if you don't consider how commands could be abused you may be providing more access than you expect. For example allowing the logs group to cat everything in /var/log:
User_Alias LOGS = blah
LOGS ALL = (root) /bin/cat /var/log/*
Allows the user to cat the /etc/shadow file:
[blah@ip-10-99-1-27 ~]$ cat /var/log/../../../../../etc/shadow
cat: /var/log/../../../../../etc/shadow: Permission denied
[blah@ip-10-99-1-27 ~]$ sudo cat /var/log/../../../../../etc/shadow
[sudo] password for blah:
root:$6$RxAj<redacted>*********************:16741:0:99999:7:::
blah:$6$B70t<redacted>*********************:19114:0:99999:7:::
In general, sudo is one method for granting role-based access but you need to be conscious that you could be providing more access than you intended.
References
NIST RBAC Models
NIST RBAC Definition
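An audit sketch for the rule shown in the answer, added here as an example and not part of the original answer: it flags sudoers command specs whose arguments contain wildcards, shows why `/var/log/*` accepts the traversal argument, and shows the containment check a wrapper would apply instead. Assumptions: the function names are hypothetical, the parser handles only simple one-command rules, and Python's `fnmatch` stands in for the fnmatch(3) matching sudo applies to command-line arguments.

```python
import fnmatch
import posixpath

# Constructed sudoers text; the first two lines are the rule from the answer,
# the third is a constructed rule that names one file and uses no wildcard.
SAMPLE_SUDOERS = """\
User_Alias LOGS = blah
LOGS ALL = (root) /bin/cat /var/log/*
LOGS ALL = (root) /bin/cat /var/log/messages
"""

def command_specs(sudoers_text):
    """Yield (command, args_pattern) for simple 'WHO HOST = (runas) cmd args' rules."""
    for line in sudoers_text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "Defaults")):
            continue
        if "_Alias" in line.split()[0]:  # User_Alias, Cmnd_Alias, ...
            continue
        spec = line.partition("=")[2].strip()
        if spec.startswith("("):  # drop the (runas) part
            spec = spec.partition(")")[2].strip()
        cmd, _, args = spec.partition(" ")
        yield cmd, args.strip()

def wildcard_arg_rules(sudoers_text):
    """Return the rules whose argument pattern contains a glob character."""
    return [(c, a) for c, a in command_specs(sudoers_text)
            if any(ch in a for ch in "*?[")]

def rule_allows(args_pattern, requested_args):
    """Approximate sudo's argument match: '*' also matches '/' and '..'."""
    return fnmatch.fnmatchcase(requested_args, args_pattern)

def stays_under(base, requested_path):
    """Lexical containment check after collapsing '..' components.

    A real wrapper would also resolve symlinks (os.path.realpath) first.
    """
    norm = posixpath.normpath(requested_path)
    return norm == base or norm.startswith(base.rstrip("/") + "/")

if __name__ == "__main__":
    traversal = "/var/log/../../../../../etc/shadow"
    for cmd, pattern in wildcard_arg_rules(SAMPLE_SUDOERS):
        print(f"wildcard in arguments: {cmd} {pattern}")
        print("  rule accepts traversal argument:", rule_allows(pattern, traversal))
    print("containment check accepts it:", stays_under("/var/log", traversal))
```
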