diff --git a/docs/sources/administration/roles-and-permissions/access-control/custom-role-actions-scopes/index.md b/docs/sources/administration/roles-and-permissions/access-control/custom-role-actions-scopes/index.md index ad0515e85b2..50bcd772099 100644 --- a/docs/sources/administration/roles-and-permissions/access-control/custom-role-actions-scopes/index.md +++ b/docs/sources/administration/roles-and-permissions/access-control/custom-role-actions-scopes/index.md @@ -47,7 +47,7 @@ The following list contains role-based access control actions. | `alert.rules:read` | `folders:*`
`folders:uid:*` | Read Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. | | `alert.rules:write` | `folders:*`
`folders:uid:*` | Update Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. | | `alert.silences:create` | `folders:*`
`folders:uid:*` | Create rule-specific silences in a folder and its subfolders. | -| `alert.silences:read` | `folders:*`
`folders:uid:*` | Read general and rule-specific silences in a folder and its subfolders. | +| `alert.silences:read` | `folders:*`
`folders:uid:*` | Read all general silences and rule-specific silences in a folder and its subfolders. | | `alert.silences:write` | `folders:*`
`folders:uid:*` | Update and expire rule-specific silences in a folder and its subfolders. | | `alert.provisioning:read` | n/a | Read all Grafana alert rules, notification policies, etc via provisioning API. Permissions to folders and datasource are not required. | | `alert.provisioning.secrets:read` | n/a | Same as `alert.provisioning:read` plus ability to export resources with decrypted secrets. | diff --git a/docs/sources/alerting/configure-notifications/create-silence.md b/docs/sources/alerting/configure-notifications/create-silence.md index cc2ad388372..55d78f97f2e 100644 --- a/docs/sources/alerting/configure-notifications/create-silence.md +++ b/docs/sources/alerting/configure-notifications/create-silence.md @@ -93,6 +93,15 @@ To remove a silence, complete the following steps. > **Note:** You cannot remove a silence manually. Silences that have ended are retained and listed for five days. +## Rule-specific silences + +Rule-specific silences are silences that apply only to a specific alert rule. +They're created when you silence an alert rule directly using the **Silence notifications** action in the UI. + +{{< admonition type="note" >}} +As opposed to general silences, rule-specific silence access is tied directly to the alert rule they act on. They can be created manually by including the specific label matcher: `__alert_rule_uid__=`. +{{< /admonition >}} + ## Useful links [Aggregation operators](https://prometheus.io/docs/prometheus/latest/querying/operators/#aggregation-operators) diff --git a/docs/sources/alerting/set-up/configure-rbac/_index.md b/docs/sources/alerting/set-up/configure-rbac/_index.md index 93e2f25ab3d..567b9dd9fab 100644 --- a/docs/sources/alerting/set-up/configure-rbac/_index.md +++ b/docs/sources/alerting/set-up/configure-rbac/_index.md @@ -45,7 +45,7 @@ Grafana Alerting has the following permissions. | `alert.rules:read` | `folders:*`
`folders:uid:*` | Read Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder. | | `alert.rules:write` | `folders:*`
`folders:uid:*` | Update Grafana alert rules in a folder and its subfolders. Combine this permission with `folders:read` in a scope that includes the folder and `datasources:query` in the scope of data sources the user can query. | | `alert.silences:create` | `folders:*`
`folders:uid:*` | Create rule-specific silences in a folder and its subfolders. | -| `alert.silences:read` | `folders:*`
`folders:uid:*` | Read general and rule-specific silences in a folder and its subfolders. | +| `alert.silences:read` | `folders:*`
`folders:uid:*` | Read all general silences and rule-specific silences in a folder and its subfolders. | | `alert.silences:write` | `folders:*`
`folders:uid:*` | Update and expire rule-specific silences in a folder and its subfolders. | | `alert.provisioning:read` | n/a | Read all Grafana alert rules, notification policies, etc via provisioning API. Permissions to folders and data source are not required. | | `alert.provisioning.secrets:read` | n/a | Same as `alert.provisioning:read` plus ability to export resources with decrypted secrets. | diff --git a/docs/sources/alerting/set-up/configure-rbac/access-folders/index.md b/docs/sources/alerting/set-up/configure-rbac/access-folders/index.md index 6c04bd62927..fcecc6fcf23 100644 --- a/docs/sources/alerting/set-up/configure-rbac/access-folders/index.md +++ b/docs/sources/alerting/set-up/configure-rbac/access-folders/index.md 
@@ -18,22 +18,37 @@ weight: 200 ## Manage access using folders or data sources -You can further customize access for alert rules by assigning permissions to individual folders or data sources, regardless of role assigned. +You can extend the access provided by a role to alert rules and rule-specific silences by assigning permissions to individual folders or data sources. + +{{< admonition type="note" >}} +Data source query permissions are required to create or modify an alert rule using that data source. +{{< /admonition >}} + +This allows different users, teams, or service accounts to have customized access to modify or silence alert rules in specific folders or using specific data sources. + +Details on the additional access provided by folder permissions are below. + +| Folder permission | Additional Access | +| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------- | +| View | Read access to all general silences. Read access to alert rules and their rule-specific silences _only_ in the given folder and subfolders. | +| Edit | View access and write access to alert rules and their rule-specific silences _only_ in the given folder and subfolders. | +| Admin | Same additional access as Edit. | + +Some example combinations: + +| Role | Folder permission | Access | +| ------------- | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | +| No Basic Role | - | None. No access to alert rules or rule-specific silences in the folder. | +| No Basic Role | View | Read access to all general silences. Read access to alert rules and their rule-specific silences _only_ in the given folder and subfolders. 
| +| No Basic Role | Edit | Above access and write access to alert rules (given necessary data source query permissions) and their rule-specific silences _only_ in the given folder and subfolders. | +| Viewer | - | Read access to alert rules and silences in all folders. | +| Viewer | Edit | Read access to alert rules and silences in all folders. Write access to alert rules and their rule-specific silences _only_ in the given folder and subfolders. | +| Editor | View | Read and write access to alert rules and silences in all folders. Access can only be extended. | {{< admonition type="note" >}} You can't use folders to customize access to notification resources. {{< /admonition >}} -Details of how role access can combine with folder permissions for Grafana Alerting are below. - -| Role | Folder | Access | -| ------ | ------ | ---------------------------------------------------------------------------------------- | -| Admin | - | Write access to alert rules in all folders. | -| Editor | - | Write access to alert rules in all folders. | -| Viewer | Admin | Write access to alert rules **only** in the folders where the Admin permission is added. | -| Viewer | Edit | Write access to alert rules **only** in the folders where the Edit permission is added. | -| Viewer | View | Read access to alert rules in all folders. | - ## Folder permissions To manage folder permissions, complete the following steps. diff --git a/docs/sources/alerting/set-up/configure-roles/index.md b/docs/sources/alerting/set-up/configure-roles/index.md index 5bff40250ea..6acb0734bb2 100644 --- a/docs/sources/alerting/set-up/configure-roles/index.md +++ b/docs/sources/alerting/set-up/configure-roles/index.md 
@@ -42,19 +42,17 @@ To assign roles, admins need to complete the following steps. ## Manage access using folder permissions -You can further customize access for alert rules by assigning permissions to individual folders. +You can extend the access provided by a role to alert rules and rule-specific silences by assigning permissions to individual folders. -This prevents every user from having access to modify all alert rules and gives them access to the folders with the alert rules they're working on. +This allows different users, teams, or service accounts to have customized access to modify or silence alert rules in specific folders. -Details on the adding folder permissions as well as roles and the access that provides for Grafana Alerting is below. +Refer to the following table for details on the additional access provided by folder permissions: -| Role | Folder permission | Access | -| ------ | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------ | -| Admin | - | Write access to alert rules in all folders. | -| Editor | - | Write access to alert rules in all folders. | -| Viewer | Admin | Read access to alert rules in all folders. Write access to alert rules **only** in the folders where the Admin permission is added. | -| Viewer | Editor | Read access to alert rules in all folders. Write access to alert rules **only** in the folders where the Editor permission is added. | -| Viewer | Viewer | Read access to alert rules in all folders. | +| Folder permission | Additional Access | +| ----------------- | ------------------------------------------------------------------------------------------------------- | +| View | No additional access: all permissions already contained in Viewer role. | +| Edit | Write access to alert rules and their rule-specific silences _only_ in the given folder and subfolders. | +| Admin | Same additional access as Edit. 
| {{< admonition type="note" >}} You can't use folders to customize access to notification resources.
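Review bot: In the `alert.silences:read` row of `custom-role-actions-scopes/index.md`, the new description "Read all general silences and rule-specific silences in a folder and its subfolders" can still be read with "in a folder" applying to both kinds of silence, and the scope column (`folders:*`, `folders:uid:*`) encourages that reading. If the intent is that a grant scoped to one folder exposes every general silence, split it into two sentences, for example "Read all general silences. Read rule-specific silences in a folder and its subfolders.", so that someone building a least-privilege custom role does not assume general silences are folder-scoped.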
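Review bot: In the new "Rule-specific silences" section of `create-silence.md`, the matcher is shown as `__alert_rule_uid__=` with nothing after the equals sign, so a reader cannot tell what value to supply. Show a placeholder for the rule UID in the matcher and say where the UID is found. The note also says access is "tied directly to the alert rule" without naming the permission involved; a pointer to `alert.silences:create` and the folder scope from the RBAC tables would make the access consequence of adding this matcher by hand explicit. Minor: "rule-specific silence access is tied directly to the alert rule they act on" mixes singular and plural.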
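Review bot: The `alert.silences:read` row changed in `configure-rbac/_index.md` is a second copy of the sentence changed in `custom-role-actions-scopes/index.md`, and the surrounding rows of the two tables have already drifted: the `alert.rules:read` row here omits the `datasources:query` requirement that the other file states, and the two files spell "datasource" and "data source" differently in the `alert.provisioning:read` row. Since both tables are being edited in this patch, consider aligning those rows in the same change or sourcing both tables from one shared snippet, so the two permission references cannot disagree about what a grant requires.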
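Review bot: In the "Some example combinations" table added to `access-folders/index.md`, the "No Basic Role / Edit" row qualifies write access with "(given necessary data source query permissions)" but the "Viewer / Edit" row does not, although the note added above the tables says query permission is required to create or modify a rule. Apply the qualifier to both rows, or drop it from the table and rely on the note. In the first table, "View access and write access" in the Edit row reads as a permission name followed by an access level; "The access granted by View, plus write access to ..." would be clearer. The "Editor / View" row's "Access can only be extended" states the key rule of the whole section and would be easier to find as a sentence above the table than in one cell.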
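Review bot: In the replacement table in `configure-roles/index.md`, the View row says "No additional access: all permissions already contained in Viewer role", which holds only when the user already has at least the Viewer role, yet neither the table nor its lead-in states that baseline. The table added to `access-folders/index.md` in this same patch lists View as granting read access to all general silences and to rules in the folder for a user with No Basic Role, so the two pages give different answers for the same folder permission. State the assumed baseline in the sentence that introduces the table (for example "For a user with the Viewer role, folder permissions add the following access:") or link to the access-folders page for the case without a basic role.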