diff --git a/website/source/docs/providers/aws/r/iam_role.html.markdown b/website/source/docs/providers/aws/r/iam_role.html.markdown index 3ee8cd0a8..94a68ebdf 100644 --- a/website/source/docs/providers/aws/r/iam_role.html.markdown +++ b/website/source/docs/providers/aws/r/iam_role.html.markdown @@ -40,6 +40,9 @@ The following arguments are supported: * `name` - (Optional, Forces new resource) The name of the role. * `name_prefix` - (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with `name`. * `assume_role_policy` - (Required) The policy that grants an entity permission to assume the role. + +~> **NOTE:** This `assume_role_policy` is very similar but slightly different than just a standard IAM policy and cannot use an `aws_iam_policy` resource. If _can_ however, use an `aws_iam_policy_document` [data source](https://www.terraform.io/docs/providers/aws/d/iam_policy_document.html), see example below for how this could work. + * `path` - (Optional) The path to the role. See [IAM Identifiers](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) for more information. @@ -51,10 +54,31 @@ The following attributes are exported: * `create_date` - The creation date of the IAM role. * `unique_id` - The stable and unique string identifying the role. +## Example of Using Data Source for Assume Role Policy + +``` +data "aws_iam_policy_document" "instance-assume-role-policy" { + statement { + actions = [ "sts:AssumeRole" ] + + principals { + type = "Service" + identifiers = ["ec2.amazonaws.com"] + } + } +} + +resource "aws_iam_role" "instance" { + name = "instance_role" + path = "/system/" + assume_role_policy = "${data.aws_iam_policy_document.instance-assume-role-policy.json}" +} +``` + ## Import IAM Roles can be imported using the `name`, e.g. ``` $ terraform import aws_iam_role.developer developer_name -``` \ No newline at end of file +```
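Review bot: The NOTE added under `assume_role_policy` in the first hunk (@@ -40,6 +40,9 @@) has a typo, "If _can_ however", which should read "It _can_, however,", and "different than" reads better as "different from". The note also says the policy is "very similar but slightly different" from a standard IAM policy without saying how; since the example added later in this patch shows a `principals` block, one sentence naming that difference would tell the reader why an `aws_iam_policy` resource cannot be used here. Finally, the note is placed between the `assume_role_policy` and `path` bullets with blank lines on both sides, which splits the argument list in two; consider indenting it under the `assume_role_policy` item or moving it below the list.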
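Review bot: In the example added by the second hunk (@@ -51,10 +54,31 @@), `actions = [ "sts:AssumeRole" ]` pads the brackets while `identifiers = ["ec2.amazonaws.com"]` does not, and the `=` signs in the `aws_iam_role` block (`name`, `path`, `assume_role_policy`) are not aligned; formatting the snippet the way `terraform fmt` would keeps the docs consistent. The data source name `instance-assume-role-policy` uses hyphens while the resource in the same example uses `instance_role` style underscores, so picking one style would read better. The NOTE in the first hunk says "see example below" but the new section sits after the exported attributes, so a link to the "Example of Using Data Source for Assume Role Policy" heading would make it easier to find.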