Access Control Granularity : Document level access control

I am new to couchbase. I understand that access control is done via RBAC which is fine.
The documentation largely refers to controlling access to buckets or collections of documents.
Is it possible to setup individual document level access controls ?
By this I mean do documents have security attributes at the individual level which could allow two different documents in the same collection or bucket to have two different sets of allowed readers and writers ? or is the collection or bucket the smallest granularity of access control ?

@richard1 Collections are the finest-grain entities RBAC operates on. Any finer-grained control would need to be implemented by the application. (Thus if users have direct N1QL access this would not be possible.)

Here is the doc entry on Couchbase RBAC for the most recent version 7.0: