diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index 59806a2..ce40c7c 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -109,6 +109,7 @@ provider "registry.terraform.io/mongodb/mongodbatlas" {
   version = "1.16.0"
   hashes = [
     "h1:IP2Gb4KrKAwmUSG5B0oqKYQOyGQjkeazVokw+TIuVcU=",
+    "h1:cWeuysKYmhgvWhf6g7kC5yKsgP7uNzTFTapcAxAHMkQ=",
     "zh:086a72493614a00fd5e38c7c0d077269f0069dd0d9d0cbfa1b0b1834278870b3",
     "zh:11489ece5a1683f65ea64898c8a4cd06300cd91ae8bebbf05631020d5b549186",
     "zh:4a45180e6d951affb27cab0320c845fb97e1e5e0396227d9f38a27f70ede113b",
diff --git a/main.tf b/main.tf
index f960207..c0be380 100644
--- a/main.tf
+++ b/main.tf
@@ -20,9 +20,6 @@ terraform {
       source  = "hashicorp/tls"
       version = "4.0.5"
     }
-    mongodbatlas = {
-      source = "mongodb/mongodbatlas"
-    }
   }
   backend "azurerm" {
     container_name       = "tfstate"
@@ -116,23 +113,6 @@ module "common" {
   resource_group_location = local.resource_group_location
 }
 
-resource "random_password" "mongodb_password" {
-  length  = 32
-  special = true
-}
-
-resource "mongodbatlas_database_user" "database_user" {
-  username           = "cms"
-  password           = random_password.mongodb_password.result
-  project_id         = module.mongodb.project_id
-  auth_database_name = "admin"
-
-  roles {
-    role_name     = "readWrite"
-    database_name = "cms"
-  }
-}
-
 module "mongodb" {
   source                    = "./modules/mongodb"
   mongodb_atlas_public_key  = module.keyvault.mongodb_atlas_public_key
diff --git a/modules/mongodb/main.tf b/modules/mongodb/main.tf
index c6912a0..bbad2a3 100644
--- a/modules/mongodb/main.tf
+++ b/modules/mongodb/main.tf
@@ -1,3 +1,10 @@
+terraform {
+  required_providers {
+    mongodbatlas = {
+      source = "mongodb/mongodbatlas"
+    }
+  }
+}
 provider "mongodbatlas" {
   public_key  = var.mongodb_atlas_public_key
   private_key = var.mongodb_atlas_private_key
@@ -25,8 +32,7 @@ resource "mongodbatlas_serverless_instance" "serverless_instance" {
   provider_settings_backing_provider_name = "AZURE"
   provider_settings_provider_name         = "SERVERLESS"
   provider_settings_region_name           = var.atlas_region
-
-  auto_indexing = true
+  auto_indexing                           = true
 }
 
 resource "mongodbatlas_project_ip_access_list" "test" {
@@ -34,3 +40,20 @@ resource "mongodbatlas_project_ip_access_list" "test" {
   cidr_block = "0.0.0.0/0"
   comment    = "Public access (yolo)"
 }
+
+resource "random_password" "mongodb_password" {
+  length  = 32
+  special = false
+}
+
+resource "mongodbatlas_database_user" "database_user" {
+  username           = "cms"
+  password           = random_password.mongodb_password.result
+  project_id         = mongodbatlas_project.project.id
+  auth_database_name = "admin"
+
+  roles {
+    role_name     = "readWrite"
+    database_name = "cms"
+  }
+}
diff --git a/modules/mongodb/output.tf b/modules/mongodb/output.tf
index de0d697..30a0fb1 100644
--- a/modules/mongodb/output.tf
+++ b/modules/mongodb/output.tf
@@ -1,4 +1,4 @@
 output "db_connection_string" {
-  value = mongodbatlas_serverless_instance.serverless_instance.connection_strings_standard_srv
+  value     = "${replace(mongodbatlas_serverless_instance.serverless_instance.connection_strings_standard_srv, "mongodb+srv://", "mongodb+srv://cms:${random_password.mongodb_password.result}@")}/cms?retryWrites=true&w=majority"
   sensitive = true
 }