diff --git a/README.md b/README.md
index e7ca711..bfc8605 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ continuous integration tasks on AWS.
 module "aws_iam_role" {
   source = "git::ssh://git@git.adyxax.org/adyxax/tofu-module-aws-iam-role?depth=1&ref=1.1.0"
 
-  name            = local.name
+  name              = local.name
   policy_statements = jsonencode([
     {
       Action   = "acm:*"
@@ -24,6 +24,11 @@ module "aws_iam_role" {
 }
 ```
 
+## Assume role policy
+
+This role is designed to be used with AWS Identity Center and provisions a trust
+relationship to the root organization account.
+
 ## Policies
 
 The IAM role is granted the following permissions on the AWS account: