Hi Jim
One can not exist without other. About a L2L tunnel, the crypto map specifies
1)Peer IP
2)Transform set
3)Match ACL (The traffic which will flow through the tunnel, in othe words, the traffic which will trigger this cryptomap to establish the tunnel)
Now devices know who are the endpoints for VPN tunnel, the transform sets that both ends have to use, and the traffic which should flow through the tunnel.
tunnel-group comes in here. It includes pre-shared-key that is going to be used for authentication of both ends, or set certificate if you like, idle timeouts etc also determines if this tunnel a remote access tunnel or a lan to lan, if this is a remote access tunnel, you specify address pool definitions in here and so on.
Here is an example code for establishing a site-to-site
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
pre-shared-key xxxxxxxx
crypto map outside_map 10 set peer x.x.x.x
crypto map outside_map 10 set transform-set myset
crypto map outside_map 10 match xxx (Acl Name)
Keep in mind that tunnel-group name must match the remote peer IP address (if this is a lan to lan tunnel)
Regards