diff --git a/source/reference/system-defined-roles.txt b/source/reference/system-defined-roles.txt
index ccc2c601f65..9697fbbcb71 100644
--- a/source/reference/system-defined-roles.txt
+++ b/source/reference/system-defined-roles.txt
@@ -475,6 +475,17 @@ The following role provides full privileges on all resources in the cluster:
    Provides access to all the operations and all the resources of *of all
    other roles combined*. A user with this role is a superuser.
 
+Internal Role
+-------------
+
+.. authrole:: __system
+
+   MongoDB assigns this role to user objects that represent cluster members,
+   such as replica set members and :program:`mongos` instances. The role
+   entitles its holder to take any action against any object in the database.
+   **Do not** assign this role to user objects representing applications or
+   human administrators, other than in exceptional circumstances.
+
 .. todo: does this still apply?
 
 .. :dbcommand:`applyOps`, :dbcommand:`eval`, and :method:`db.eval()` require