diff --git a/content/GCP/02_intro_to_compute.ipynb b/content/GCP/02_intro_to_compute.ipynb
index ac35e1c..723cd5b 100644
--- a/content/GCP/02_intro_to_compute.ipynb
+++ b/content/GCP/02_intro_to_compute.ipynb
@@ -96,6 +96,8 @@
     "\n",
     "In the **Name** column you should see a row with **Compute Engine default service account**.  Here you should see the **Editor** role in the Role column.  A *role* is a collection of permissions managed by Google or someone else.  The **Editor** role for a project will *allow* a **VM instance** to modify resources *in* the **project**.  The principal for the *Compute Engine default service account* should start with the *Project ID* of your project.  It is possible to create a custom service account with the appropriate roles for the *VM Instance*.\n",
     "\n",
+    "![iam-default-service-account](img/iam-default-service-account.png)\n",
+    "\n",
     "There are three important pieces of information that work together to form the **IAM policy**. The permission (role), the identity (principal or member), and the resource (project).\n",
     "\n",
     "There is one additional tool that is used, **scope**.  Scope describes the services that are accessible by an identity and is a simple way of limiting access to services.  \n",
diff --git a/content/GCP/img/iam-default-service-account.png b/content/GCP/img/iam-default-service-account.png
new file mode 100644
index 0000000..f291fb0
Binary files /dev/null and b/content/GCP/img/iam-default-service-account.png differ