diff --git a/terraform/azure-devops/create-service-connection/doc-gen/header.md b/terraform/azure-devops/create-service-connection/doc-gen/header.md index 7995d2a..c7ed642 100644 --- a/terraform/azure-devops/create-service-connection/doc-gen/header.md +++ b/terraform/azure-devops/create-service-connection/doc-gen/header.md @@ -51,6 +51,8 @@ Below are common configurations. You can mix & match to create your own. #### Default configuration +![](visuals/app-fic.png) + This creates an App registration with Federated Identity Credential and `Contributor` role on the Azure subscription used by the Terraform `azurerm` provider. ```hcl @@ -68,6 +70,8 @@ Pre-requisites: #### Managed Identity with FIC and custom RBAC +![](visuals/msi-fic-multi-rbac.png) + This creates a Managed Identity with Federated Identity Credential and custom Azure RBAC (role-based access control) role assignments: ```hcl @@ -99,6 +103,8 @@ Pre-requisites: #### Managed Identity assigned to Entra ID security group +![](visuals/msi-fic-group.png) + This creates a Managed Identity with Federated Identity Credential and custom Azure RBAC (role-based access control) role assignments: ```hcl diff --git a/terraform/azure-devops/create-service-connection/visuals/app-fic.png b/terraform/azure-devops/create-service-connection/visuals/app-fic.png new file mode 100644 index 0000000..518f3fe Binary files /dev/null and b/terraform/azure-devops/create-service-connection/visuals/app-fic.png differ diff --git a/terraform/azure-devops/create-service-connection/visuals/diagrams.vsdx b/terraform/azure-devops/create-service-connection/visuals/diagrams.vsdx index a0eb2ca..f59052e 100644 Binary files a/terraform/azure-devops/create-service-connection/visuals/diagrams.vsdx and b/terraform/azure-devops/create-service-connection/visuals/diagrams.vsdx differ 
diff --git a/terraform/azure-devops/create-service-connection/visuals/msi-fic-group.png b/terraform/azure-devops/create-service-connection/visuals/msi-fic-group.png new file mode 100644 index 0000000..3e94d94 Binary files /dev/null and b/terraform/azure-devops/create-service-connection/visuals/msi-fic-group.png differ diff --git a/terraform/azure-devops/create-service-connection/visuals/msi-fic-multi-rbac.png b/terraform/azure-devops/create-service-connection/visuals/msi-fic-multi-rbac.png new file mode 100644 index 0000000..8544880 Binary files /dev/null and b/terraform/azure-devops/create-service-connection/visuals/msi-fic-multi-rbac.png differ
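Review bot: The image added under "Default configuration" in header.md (hunk `@@ -51,6 +51,8 @@`) has empty alt text, `![](visuals/app-fic.png)`, so the diagram conveys nothing to screen readers or when the PNG fails to load. Suggest descriptive alt text, for example `![App registration with Federated Identity Credential and Contributor role on the subscription](visuals/app-fic.png)`. The same applies to the two other images added in this file.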
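Review bot: The link `![](visuals/msi-fic-multi-rbac.png)` under "Managed Identity with FIC and custom RBAC" (hunk `@@ -68,6 +70,8 @@`) is written relative to create-service-connection/, but header.md sits in create-service-connection/doc-gen/ and the PNGs are added to create-service-connection/visuals/. The path only resolves if this header is rendered into a document at the module root. If that is the intent, the regenerated document is missing from this diff and should be committed with it. Otherwise the path needs to be `../visuals/msi-fic-multi-rbac.png`, and likewise for the other two images.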
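Review bot: The description that follows the new `![](visuals/msi-fic-group.png)` under "Managed Identity assigned to Entra ID security group" (hunk `@@ -99,6 +103,8 @@`) is word for word the sentence used in the previous section: "This creates a Managed Identity with Federated Identity Credential and custom Azure RBAC (role-based access control) role assignments:". It never mentions the security group named in the heading and in the image file name, so the text does not say which access this configuration grants. Since this change touches the section anyway, suggest rewriting that sentence to state that the identity is added to an Entra ID security group and where its permissions come from.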