diff --git a/demo-13/iam.tf b/demo-13/iam.tf
index 58cf30b..fe6b296 100644
--- a/demo-13/iam.tf
+++ b/demo-13/iam.tf
@@ -22,3 +22,7 @@ resource "aws_iam_group_membership" "administrators-users" {
     ]
     group = "${aws_iam_group.administrators.name}"
 }
+
+output "warning" {
+    value = "WARNING: make sure you're not using the AdministratorAccess policy for other users/groups/roles. If this is the case, don't run terraform destroy, but manually unlink the created resources"
+}