diff --git a/README.md b/README.md
index dccea77d..233bb6e9 100644
--- a/README.md
+++ b/README.md
@@ -80,7 +80,7 @@ You need the following permissions to run this module.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
-| [admin\_pass](#input\_admin\_pass) | The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters. | `string` | `null` | no |
+| [admin\_pass](#input\_admin\_pass) | The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters and cannot start with a special character. | `string` | `null` | no |
| [auto\_scaling](#input\_auto\_scaling) | Optional rules to allow the database to increase resources in response to usage. Only a single autoscaling block is allowed. Make sure you understand the effects of autoscaling, especially for production environments. See https://cloud.ibm.com/docs/databases-for-elasticsearch?topic=databases-for-elasticsearch-autoscaling in the IBM Cloud Docs. | object({
disk = object({
capacity_enabled = optional(bool, false)
free_space_less_than_percent = optional(number, 10)
io_above_percent = optional(number, 90)
io_enabled = optional(bool, false)
io_over_period = optional(string, "15m")
rate_increase_percent = optional(number, 10)
rate_limit_mb_per_member = optional(number, 3670016)
rate_period_seconds = optional(number, 900)
rate_units = optional(string, "mb")
})
memory = object({
io_above_percent = optional(number, 90)
io_enabled = optional(bool, false)
io_over_period = optional(string, "15m")
rate_increase_percent = optional(number, 10)
rate_limit_mb_per_member = optional(number, 114688)
rate_period_seconds = optional(number, 900)
rate_units = optional(string, "mb")
})
}) | `null` | no |
| [backup\_encryption\_key\_crn](#input\_backup\_encryption\_key\_crn) | The CRN of a Key Protect key, that you want to use for encrypting disk that holds deployment backups. Only used if var.kms\_encryption\_enabled is set to true. If no value is passed here, the value passed for the 'kms\_key\_crn' variable is used, unless 'use\_default\_backup\_encryption\_key' is set to 'true'. BYOK for backups is available only in US regions us-south and us-east, and eu-de. Only keys in the us-south and eu-de are durable to region failures. To ensure that your backups are available even if a region failure occurs, you must use a key from us-south or eu-de. Take note that Hyper Protect Crypto Services for IBM Cloud® Databases backups is not currently supported, so if no value is passed here, but a HPCS value is passed for var.kms\_key\_crn, databases backup encryption will use the default encryption keys. | `string` | `null` | no |
| [cbr\_rules](#input\_cbr\_rules) | (Optional, list) List of CBR rules to create | list(object({
description = string
account_id = string
rule_contexts = list(object({
attributes = optional(list(object({
name = string
value = string
}))) }))
enforcement_mode = string
})) | `[]` | no |
diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf
index 53fd7c8a..4c9be49e 100644
--- a/examples/complete/variables.tf
+++ b/examples/complete/variables.tf
@@ -67,7 +67,7 @@ variable "admin_pass" {
type = string
default = null
sensitive = true
- description = "The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters."
+ description = "The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters and cannot start with a special character."
}
variable "users" {
diff --git a/tests/pr_test.go b/tests/pr_test.go
index e6dfc526..477d2fa2 100644
--- a/tests/pr_test.go
+++ b/tests/pr_test.go
@@ -45,7 +45,7 @@ func TestRunCompleteExample(t *testing.T) {
// Generate a 10 char long random string for the admin_pass
randomBytes := make([]byte, 10)
_, err := rand.Read(randomBytes)
- randomPass := base64.URLEncoding.EncodeToString(randomBytes)[:10]
+ randomPass := "A" + base64.URLEncoding.EncodeToString(randomBytes)[:10]
options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{
Testing: t,
diff --git a/variables.tf b/variables.tf
index e1100f69..de644048 100644
--- a/variables.tf
+++ b/variables.tf
@@ -98,7 +98,7 @@ variable "member_disk_mb" {
variable "admin_pass" {
type = string
- description = "The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters."
+ description = "The password for the database administrator. If the admin password is null then the admin user ID cannot be accessed. More users can be specified in a user block. The admin password must be in the range of 10-32 characters and cannot start with a special character."
default = null
sensitive = true
}