diff --git a/en/aws/sqs/sqs-encrypted.md b/en/aws/sqs/sqs-encrypted.md index c3383d547..60edfa056 100644 --- a/en/aws/sqs/sqs-encrypted.md +++ b/en/aws/sqs/sqs-encrypted.md @@ -15,21 +15,21 @@ | **Recommended Action** | Enable encryption using KMS for all SQS queues. | ## Detailed Remediation Steps -1. Log into the AWS Management Console. +1. Log in to the AWS Management Console. 2. Select the "Services" option and search for SQS.
-3. Select the "SQS" queue that needs to be verify from "Name".
+3. Select the "SQS" queue that needs to be verified and click on its "Name".
4. Scroll down the page and click on the "Encryption" tab from the bottom panel.
-5. Check the "Server Side Encryption" status for the selected "SQS" queue. If the "Server Side Encryption" is not configured then the following message is being displayed "Server-side encryption (SSE) is disabled. SSE lets you protect the contents of messages in Amazon SQS queues using keys managed in the AWS Key Management Service (AWS KMS)".
-6. Repeat steps number 2 - 5 to verify other "SQS" queue in the selected AWS region.
+5. Check the "Server Side Encryption" status for the selected "SQS" queue. If the "Server Side Encryption" is not configured then the following message is displayed "No server-side encryption is set for this queue". SSE protects the content of messages in Amazon SQS queues using keys managed in the AWS Key Management Service (AWS KMS)".
+6. Repeat step number 2 - 5 to verify other "SQS" queue in the selected AWS region.
7. To enable the "SQS" encryption navigate to KMS services to create a "KMS CMK customer-managed key".
8. Scroll down the left navigation panel and choose "Customer managed keys" under "Key Management Service" and click on the "Create key" button at the top panel.
-9. On the "Add alias and description" page provide the "Alias" and "Description" for the new "KMS key" and click on the "Next" button.
-10. On the "Add tags" page provide a unique key for "Tag key", "Tag value" and click on the "Next" button.
-11. On the "Define key administrative permissions" page select the "IAM users" and roles who can administer the new "KMS key" through the KMS API.
-12. Click on the "Next" button at the bottom to continue the new "KMS key" process.
-13. On the "Define key usage permissions" page select the IAM users and roles that can use the CMK to encrypt and decrypt SQS data with the "AWS KMS API" and click on the "Next" button.
-14. On the "Review and edit key policy" page review the policy and click on the "Finish" button to create a new "KMS key" which can be used to encrypt/decrypt the SQS data.
-15. Now "KMS CMK customer-managed key" is created navigate to SQS and select the "SQS" queue which needs to be modified.
-16. Click on the "Queue Actions" button at the top and select the "Configure Queue" option.
-17. On the "Configure Test" tab scroll down and under the "Server-Side Encryption (SSE) Settings" click on the checkbox next to "Use SSE" and select the "AWS KMS Customer Master Key (CMK)" from the dropdown menu and click on the "Save Changes" button to make the necessary changes.
-18. Repeat steps number 8 - 17 to enable encryption using KMS for all SQS queues.
+9. On the "Configure key" page select key type as "Symmetric". In the advanced options select "Key material origin" as "KMS" and "Regionality" as "Single-Region key" and proceed by clicking "Next" button.
+10. On the "Add labels" page provide the "Alias" and "Description" for the new "KMS key" and click on the "Next" button. You can define unique tags for "Tag key", "Tag value" under the "Tags" section.
+11. On the "Define key administrative permissions" page select the "IAM users" and roles who can administer the new "KMS key" through the KMS API and click "Next" button.
+12. On the "Define key usage permissions" page select the IAM users and roles that can use the CMK to encrypt and decrypt SQS data with the "AWS KMS API" and click on the "Next" button.
+13. On the "Review" page review the policy and click on the "Finish" button to create a new "KMS key" which can be used to encrypt/decrypt the SQS data.
+14. Now "KMS CMK customer-managed key" is created navigate to SQS and select the "SQS" queue which needs to be modified and click the "Edit" button at the top.
+15. On the "Edit TestQueue" page scroll down to "Encryption" and under the "Server-Side Encryption" select "Enabled".
+16. Under the "Encryption key type" select "AWS Key Management Service key (SSE-KMS)" and from the dropdown under "Customer master key" select the key that you have created for SQS.
+17. Click on the "Save" button to make the necessary changes.
+18. Repeat step number 7 - 17 to enable encryption using KMS for all SQS queues.
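Review bot: The new step 18, `+18. Repeat step number 7 - 17 to enable encryption using KMS for all SQS queues.`, now tells the reader to go back to step 7 and create a fresh KMS key for every queue; the previous text started the loop at step 8 for the same reason, but neither is necessary, since one customer-managed key can be selected for any number of queues in the same region. Suggest "Repeat steps 14 - 17 for each remaining queue, selecting the key created in steps 7 - 13 (or create a separate key per queue only if your key-policy boundaries require it)". While touching the loops, step 6 regressed from "steps" to "step" and still reads "other "SQS" queue"; make it "Repeat steps 2 - 5 to verify the other SQS queues in the selected AWS region". Step 5 has an unbalanced quote: the message is closed after `"No server-side encryption is set for this queue"`, yet the following sentence still ends with `(AWS KMS)".` Drop that trailing quote. Step 15 hard-codes a queue name from the screenshot, `On the "Edit TestQueue" page`; write it as "On the Edit page for the selected queue" so it matches whatever the reader has chosen. Finally, steps 11-12 only cover IAM users and roles; a practitioner applying this will also need the key policy to grant `kms:GenerateDataKey` and `kms:Decrypt` to any producer or consumer principals (including AWS service principals that publish to the queue), otherwise those senders fail with KMS access-denied errors once SSE-KMS is switched on. A one-line caveat after step 12 would save a support ticket.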
diff --git a/resources/aws/sqs/sqs-encrypted/step10.png b/resources/aws/sqs/sqs-encrypted/step10.png index 14ba24c07..6a0163fbe 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step10.png and b/resources/aws/sqs/sqs-encrypted/step10.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step11.png b/resources/aws/sqs/sqs-encrypted/step11.png index d36ad8150..0636fb35e 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step11.png and b/resources/aws/sqs/sqs-encrypted/step11.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step12.png b/resources/aws/sqs/sqs-encrypted/step12.png index bbf2cd1ef..20891c267 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step12.png and b/resources/aws/sqs/sqs-encrypted/step12.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step13.png b/resources/aws/sqs/sqs-encrypted/step13.png index 10918790e..1e51fa622 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step13.png and b/resources/aws/sqs/sqs-encrypted/step13.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step14.png b/resources/aws/sqs/sqs-encrypted/step14.png index 4fb6e73c0..767f93f0b 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step14.png and b/resources/aws/sqs/sqs-encrypted/step14.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step15.png b/resources/aws/sqs/sqs-encrypted/step15.png index d14e6ce2c..7f2db3013 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step15.png and b/resources/aws/sqs/sqs-encrypted/step15.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step16.png b/resources/aws/sqs/sqs-encrypted/step16.png index d1b7a0c1c..40078d990 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step16.png and b/resources/aws/sqs/sqs-encrypted/step16.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step17.png b/resources/aws/sqs/sqs-encrypted/step17.png index f849fbd84..216d3b50a 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step17.png and b/resources/aws/sqs/sqs-encrypted/step17.png differ 
diff --git a/resources/aws/sqs/sqs-encrypted/step2.png b/resources/aws/sqs/sqs-encrypted/step2.png index 74d772fc0..31e56ab29 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step2.png and b/resources/aws/sqs/sqs-encrypted/step2.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step3.png b/resources/aws/sqs/sqs-encrypted/step3.png index c83dc0eab..8cfedf498 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step3.png and b/resources/aws/sqs/sqs-encrypted/step3.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step4.png b/resources/aws/sqs/sqs-encrypted/step4.png index 2ea890b54..6fbcb6273 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step4.png and b/resources/aws/sqs/sqs-encrypted/step4.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step5.png b/resources/aws/sqs/sqs-encrypted/step5.png index 58e29b8ac..b87239583 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step5.png and b/resources/aws/sqs/sqs-encrypted/step5.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step7.png b/resources/aws/sqs/sqs-encrypted/step7.png index e9fe46113..ba20d4ef3 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step7.png and b/resources/aws/sqs/sqs-encrypted/step7.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step8.png b/resources/aws/sqs/sqs-encrypted/step8.png index ca6941449..5870f32d6 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step8.png and b/resources/aws/sqs/sqs-encrypted/step8.png differ diff --git a/resources/aws/sqs/sqs-encrypted/step9.png b/resources/aws/sqs/sqs-encrypted/step9.png index da2e65987..5e2603c86 100644 Binary files a/resources/aws/sqs/sqs-encrypted/step9.png and b/resources/aws/sqs/sqs-encrypted/step9.png differ