diff --git a/README.md b/README.md index c84e0bc..388cc8f 100644 --- a/README.md +++ b/README.md 
@@ -104,36 +104,36 @@ To integrate Velero with GCP, create a Velero-specific [Service Account][21]: ### Create Custom Role with Permissions for the Velero GSA: These permissions are required by Velero to manage snapshot resources in the GCP Project. + +```bash +ROLE_PERMISSIONS=( + compute.disks.get + compute.disks.create + compute.disks.createSnapshot + compute.projects.get + compute.snapshots.get + compute.snapshots.create + compute.snapshots.useReadOnly + compute.snapshots.delete + compute.zones.get + storage.objects.create + storage.objects.delete + storage.objects.get + storage.objects.list + iam.serviceAccounts.signBlob +) - ```bash - ROLE_PERMISSIONS=( - compute.disks.get - compute.disks.create - compute.disks.createSnapshot - compute.projects.get - compute.snapshots.get - compute.snapshots.create - compute.snapshots.useReadOnly - compute.snapshots.delete - compute.zones.get - storage.objects.create - storage.objects.delete - storage.objects.get - storage.objects.list - iam.serviceAccounts.signBlob - ) - - gcloud iam roles create velero.server \ - --project $PROJECT_ID \ - --title "Velero Server" \ - --permissions "$(IFS=","; echo "${ROLE_PERMISSIONS[*]}")" +gcloud iam roles create velero.server \ + --project $PROJECT_ID \ + --title "Velero Server" \ + --permissions "$(IFS=","; echo "${ROLE_PERMISSIONS[*]}")" - gcloud projects add-iam-policy-binding $PROJECT_ID \ - --member serviceAccount:$SERVICE_ACCOUNT_EMAIL \ - --role projects/$PROJECT_ID/roles/velero.server +gcloud projects add-iam-policy-binding $PROJECT_ID \ + --member serviceAccount:$SERVICE_ACCOUNT_EMAIL \ + --role projects/$PROJECT_ID/roles/velero.server - gsutil iam ch serviceAccount:$SERVICE_ACCOUNT_EMAIL:objectAdmin gs://${BUCKET} - ``` +gsutil iam ch serviceAccount:$SERVICE_ACCOUNT_EMAIL:objectAdmin gs://${BUCKET} +``` Note: `iam.serviceAccounts.signBlob` permission is used to allow [Velero's Kubernetes Service Account](#Option-2:-Using-Workload-Identity) to create signed urls for the GCS 
bucket. diff --git a/changelogs/unreleased/000-msdolbey b/changelogs/unreleased/000-msdolbey new file mode 100644 index 0000000..f11e76a --- /dev/null +++ b/changelogs/unreleased/000-msdolbey @@ -0,0 +1,3 @@ +## All changes + +- made some markdown changes in the README (#xx, @msdolbey) \ No newline at end of file
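Review bot: the dedent of the fenced block in the README hunk is correct, but the unchanged `Note:` line that closes it links to `#Option-2:-Using-Workload-Identity`, which GitHub's heading slugs (lowercased, colons dropped) will not match; `#option-2-using-workload-identity` is the form that resolves. Since this block is being touched anyway, it would also help to document why `storage.objects.*` is granted twice, once project-wide in the `velero.server` custom role and again bucket-scoped via `gsutil iam ch serviceAccount:$SERVICE_ACCOUNT_EMAIL:objectAdmin gs://${BUCKET}`; if the bucket-level binding is what Velero actually relies on, the project-wide storage permissions could be dropped from the role to keep it least-privilege.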
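Review bot: the changelog hunk still carries the placeholder `#xx` in `- made some markdown changes in the README (#xx, @msdolbey)`; it should be replaced with the real PR number before merge, and the file should end with a newline, as the `\ No newline at end of file` marker shows.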