diff --git a/docs/_images/role-conditional-entry-access.png b/docs/_images/role-conditional-entry-access.png
new file mode 100644
index 000000000..55c94cca0
Binary files /dev/null and b/docs/_images/role-conditional-entry-access.png differ
diff --git a/docs/control-panel/member-manager.md b/docs/control-panel/member-manager.md
index 695fe5cf9..e81d2551c 100755
--- a/docs/control-panel/member-manager.md
+++ b/docs/control-panel/member-manager.md
@@ -48,6 +48,92 @@ If you need a custom set of permissions for the role, we suggest creating a new
 
 Edit the role by clicking its name in the list.
 
+### Role Settings
+
+**Control Panel Location: `Members > Roles > Create/Edit`**
+
+The roles have a lot of settings, most of which are related to permissions granted to member that belong to the role. Note that permissions are additive, that is if a member belongs to multiple roles, they will have all the permissions granted by all the roles they belong to.
+
+You need to be specifically careful assigning the preferenced marked with shield icon, as those are related to security of your website.
+
+The role settings are grouped into the following tabs.
+
+[TOC=4]
+
+#### Role tab
+
+This tab contains the generic settings for the role, incling name, description, color label and some common settings, such as security lock of MFA requirement. You can also assign role to Role Group on this tab.
+
+#### Website Access tab
+
+Use this tab to set up how the members in this role can interact with your website and what actions they can perform on the front-end.
+
+#### CP Access tab
+
+This tab is used to set up what sections of the Control Panel the members in this role can access. You can also set up what actions they can perform in each section. There are also settings that define the look of certain Control Panel pages.
+
+The settings here are grouped into sections for each subset of Control Panel functionality.
+
+[TOC=5]
+
+##### Channel
+
+Defines whether and how the members in this role can administrate the [Channels](getting-started/the-big-picture.md#channels) and related content structures (such as Categories, Statuses).
+
+##### Channel Entries
+
+Defines the permissions that members have for creating/editing/deleting entries in each of the channels.
+
+###### Conditional Entry Permissions
+
+In addition to per-channel permissions, "Check conditional access?" toggle can be turned on for the role. When done so, the member will only be able to access (in Control Panel) the entries that meet the criterias specified in any of conditional rules sets.
+
+![Conditional Entry Editing Permissions](_images/role-conditional-entry-access.png)
+
+It is possible to set up any number of conditional rules sets, each having any number of rules. The rule set can be set up to require _all_ or _any_ of the rules to be met.
+
+The rules can be based on the alsmost any entry data, including custom fields. When [Structure](add-ons/structure/overview.md) is installed, the rules can also be based on the entry's location in the Structure tree.
+
+##### Files
+
+Defines actions can perform on the files as well as administrative permissions on [upload directories](control-panel/file-manager/upload-directories.md).
+
+Note: when editing channel entries with File fields, the members would need access to respective upload directories to modify those.
+
+##### Members
+
+Defines whether the members of role can access Member Manager and perform certain actions on members and roles.
+
+##### Templates
+
+Defines whether the members can create/edit/modify templates, template partials and template variables. Individual level of administrative permissions can be set per template group here.
+
+##### Add-Ons
+
+Defines whether the members can access Add-ons section and which add-ons they are allowed to access in the Control Panel.
+
+##### Utilities
+
+Set the CP utilities that the members of thise role are allowed to use.
+
+##### Logs
+
+Defines whether the member can access Logs section in the Control Panel.
+
+##### Settings
+
+Defines whether the members can modify system settings, with the separate preferences for the most sensitive settings subsections.
+
+#### Template Access tab
+
+This tab is listing all the template of your website. If you deselect certain templates, the members in this role will not be able to access site pages that are using those. Instead, they will see "No Access" message as configured in settings for those templates.
+
+### Role Groups
+
+Role Groups are a way to organize your roles into logical groups. Create a Role Group by clicking "New" next to Role Groups heading in the sidebar. You can then set role group name and assign roles to it by checking the appropriate checkboxes.
+
+You can then assign a member to Role Group. The member will have all the permissions granted by all the roles in the group.
+
 ## Custom Member Fields
 
 **Control Panel Location: `Members > Member Fields`**