diff --git a/doc_source/Appendix.MySQL.Options.memcached.md b/doc_source/Appendix.MySQL.Options.memcached.md index 646d4c3..a4937df 100644 --- a/doc_source/Appendix.MySQL.Options.memcached.md +++ b/doc_source/Appendix.MySQL.Options.memcached.md @@ -24,7 +24,7 @@ The `memcached` interface is a simple, key\-based cache\. Applications use `memc You turn off the `memcached` support for an instance by modifying the instance and specifying the default option group for your MySQL version\. For more information about modifying a DB instance, see [Modifying an Amazon RDS DB instance](Overview.DBInstance.Modifying.md)\. -## MySQL memcached security considerations +## MySQL memcached security considerations The `memcached` protocol does not support user authentication\. For more information about MySQL `memcached` security considerations, see [Security Considerations for the InnoDB memcached Plugin](https://dev.mysql.com/doc/refman/8.0/en/innodb-memcached-security.html) in the MySQL documentation\. @@ -32,7 +32,7 @@ You can take the following actions to help increase the security of the `memcach + Specify a different port than the default of 11211 when adding the `MEMCACHED` option to the option group\. + Ensure that you associate the `memcached` interface with a VPC security group that limits access to known, trusted client addresses and EC2 instances\. For more information about managing security groups, see [Controlling access with security groups](Overview.RDSSecurityGroups.md)\. -## MySQL memcached connection information +## MySQL memcached connection information To access the `memcached` interface, an application must specify both the DNS name of the Amazon RDS instance and the `memcached` port number\. For example, if an instance has a DNS name of `my-cache-instance.cg034hpkmmjt.region.rds.amazonaws.com` and the memcached interface is using port 11212, the connection information specified in PHP would be: 
@@ -64,11 +64,11 @@ To access the `memcached` interface, an application must specify both the DNS na 1. Choose the name of the option group used by the MySQL DB instance to show the option group details\. In the **Options** section, note the value of the **Port** setting for the **MEMCACHED** option\. -## MySQL memcached option settings +## MySQL memcached option settings Amazon RDS exposes the MySQL `memcached` parameters as option settings in the Amazon RDS `MEMCACHED` option\. -### MySQL memcached parameters +### MySQL memcached parameters + `DAEMON_MEMCACHED_R_BATCH_SIZE` – an integer that specifies how many `memcached` read operations \(get\) to perform before doing a COMMIT to start a new transaction\. The allowed values are 1 to 4294967295; the default is 1\. The option does not take effect until the instance is restarted\. + `DAEMON_MEMCACHED_W_BATCH_SIZE` – an integer that specifies how many `memcached` write operations, such as add, set, or incr, to perform before doing a COMMIT to start a new transaction\. The allowed values are 1 to 4294967295; the default is 1\. The option does not take effect until the instance is restarted\. + `INNODB_API_BK_COMMIT_INTERVAL` – an integer that specifies how often to auto\-commit idle connections that use the InnoDB `memcached` interface\. The allowed values are 1 to 1073741824; the default is 5\. The option takes effect immediately, without requiring that you restart the instance\. 
@@ -78,7 +78,7 @@ Amazon RDS exposes the MySQL `memcached` parameters as option settings in the Am Amazon RDS configures these MySQL `memcached` parameters, and they cannot be modified: `DAEMON_MEMCACHED_LIB_NAME`, `DAEMON_MEMCACHED_LIB_PATH`, and `INNODB_API_ENABLE_BINLOG`\. The parameters that MySQL administrators set by using `daemon_memcached_options` are available as individual `MEMCACHED` option settings in Amazon RDS\. -### MySQL daemon\_memcached\_options parameters +### MySQL daemon\_memcached\_options parameters + `BINDING_PROTOCOL` – a string that specifies the binding protocol to use\. The allowed values are `auto`, `ascii`, or `binary`\. The default is `auto`, which means the server automatically negotiates the protocol with the client\. The option does not take effect until the instance is restarted\. + `BACKLOG_QUEUE_LIMIT` – an integer that specifies how many network connections can be waiting to be processed by `memcached`\. Increasing this limit may reduce errors received by a client that is not able to connect to the `memcached` instance, but does not improve the performance of the server\. The allowed values are 1 to 2048; the default is 1024\. The option does not take effect until the instance is restarted\. + `CAS_DISABLED` – a Boolean that enables \(1 \(true\)\) or disables \(0 \(false\)\) the use of compare and swap \(CAS\), which reduces the per\-item size by 8 bytes\. The default is 0 \(false\)\. The option does not take effect until the instance is restarted\. diff --git a/doc_source/CHAP_SQLServer.md b/doc_source/CHAP_SQLServer.md index 4b358b7..8d5b6b1 100644 --- a/doc_source/CHAP_SQLServer.md +++ b/doc_source/CHAP_SQLServer.md 
@@ -239,6 +239,8 @@ The following table displays the planned schedule of deprecations for major engi | Date | Information | | --- | --- | +| July 9, 2024 | Microsoft will stop critical patch updates for SQL Server 2014\. For more information, see [Microsoft SQL Server 2014](https://learn.microsoft.com/en-us/lifecycle/products/sql-server-2014) in the Microsoft documentation\. | +| June 1, 2024 | Amazon RDS plans to end support of Microsoft SQL Server 2014 on RDS for SQL Server\. At that time, any remaining instances will be scheduled to migrate to SQL Server 2016 \(latest minor version available\)\. For more information, see [Announcement: Amazon RDS for SQL Server ending support for SQL Server 2014 major versions](https://repost.aws/articles/AR-eyAH1PSSuevuZRUE9FV3A)\. To avoid an automatic upgrade from Microsoft SQL Server 2014, you can upgrade at a time that is convenient to you\. For more information, see [Upgrading a DB instance engine version](USER_UpgradeDBInstance.Upgrading.md)\. | | July 12, 2022 | Microsoft will stop critical patch updates for SQL Server 2012\. For more information, see [Microsoft SQL Server 2012](https://docs.microsoft.com/en-us/lifecycle/products/microsoft-sql-server-2012) in the Microsoft documentation\. | | June 1, 2022 | Amazon RDS plans to end support of Microsoft SQL Server 2012 on RDS for SQL Server\. At that time, any remaining instances will be scheduled to migrate to SQL Server 2014 \(latest minor version available\)\. For more information, see [Announcement: Amazon RDS for SQL Server ending support for SQL Server 2012 major versions](https://repost.aws/questions/QUFNiETqrMQ_WT_AXSxOYNOA)\. To avoid an automatic upgrade from Microsoft SQL Server 2012, you can upgrade at a time that is convenient to you\. For more information, see [Upgrading a DB instance engine version](USER_UpgradeDBInstance.Upgrading.md)\. 
| | September 1, 2021 | Amazon RDS is starting to disable the creation of new RDS for SQL Server DB instances using Microsoft SQL Server 2012\. For more information, see [Announcement: Amazon RDS for SQL Server ending support for SQL Server 2012 major versions](https://repost.aws/questions/QUFNiETqrMQ_WT_AXSxOYNOA)\. | diff --git a/doc_source/Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.md b/doc_source/Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.md index 3340640..5ef95ab 100644 --- a/doc_source/Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.md +++ b/doc_source/Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.md @@ -2,10 +2,9 @@ Amazon RDS Custom automates database administration tasks and operations\. By using RDS Custom, as a database administrator you can access and customize your database environment and operating system\. With RDS Custom, you can customize to meet the requirements of legacy, custom, and packaged applications\. For more information, see [Working with Amazon RDS Custom](rds-custom.md)\. -RDS Custom isn't available with the following engines: -+ RDS for MariaDB -+ RDS for MySQL -+ RDS for PostgreSQL +RDS Custom is supported for the following DB engines only: ++ RDS for Oracle ++ RDS for SQL Server **Topics** + [RDS Custom for Oracle](#Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.ora) 
@@ -49,39 +48,43 @@ The following Regions and engine versions are available for RDS Custom for Oracl ## RDS Custom for SQL Server -The following Regions and engine versions are available for RDS Custom for SQL Server\. +You can deploy RDS Custom for SQL Server by using either an RDS provided engine version \(RPEV\) or a custom engine version \(CEV\): ++ If you use an RPEV, it includes the default Amazon Machine Image \(AMI\) and SQL Server installation\. If you customize or modify the operating system \(OS\), your changes might not persist during patching, snapshot restore, or automatic recovery\. ++ If you use a CEV, you choose your own AMI with either pre\-installed Microsoft SQL Server or SQL Server that you install using your own media\. When using an AWS provided CEV, you choose the latest Amazon EC2 image \(AMI\) available by AWS, which has the cumulative update \(CU\) supported by RDS Custom for SQL Server\. With a CEV, you can customize both the OS and SQL Server configuration to meet your enterprise needs\. +The following AWS Regions and DB engine versions are available for RDS Custom for SQL Server\. The engine version support depends on whether you're using RDS Custom for SQL Server with an RPEV, AWS provided CEV, or customer\-provided CEV\. -| Region | RDS for SQL Server 2019 | -| --- | --- | -| US East \(Ohio\) | Enterprise, Standard, or Web | -| US East \(N\. Virginia\) | Enterprise, Standard, or Web | -| US West \(N\. 
California\) | – | -| US West \(Oregon\) | Enterprise, Standard, or Web | -| Africa \(Cape Town\) | – | -| Asia Pacific \(Hong Kong\) | – | -| Asia Pacific \(Hyderabad\) | – | -| Asia Pacific \(Jakarta\) | – | -| Asia Pacific \(Melbourne\) | – | -| Asia Pacific \(Mumbai\) | Enterprise, Standard, or Web | -| Asia Pacific \(Osaka\) | – | -| Asia Pacific \(Seoul\) | Enterprise, Standard, or Web | -| Asia Pacific \(Singapore\) | Enterprise, Standard, or Web | -| Asia Pacific \(Sydney\) | Enterprise, Standard, or Web | -| Asia Pacific \(Tokyo\) | Enterprise, Standard, or Web | -| Canada \(Central\) | Enterprise, Standard, or Web | -| China \(Beijing\) | – | -| China \(Ningxia\) | – | -| Europe \(Frankfurt\) | Enterprise, Standard, or Web | -| Europe \(Ireland\) | Enterprise, Standard, or Web | -| Europe \(London\) | Enterprise, Standard, or Web | -| Europe \(Milan\) | – | -| Europe \(Paris\) | – | -| Europe \(Spain\) | – | -| Europe \(Stockholm\) | Enterprise, Standard, or Web | -| Europe \(Zurich\) | – | -| Middle East \(Bahrain\) | – | -| Middle East \(UAE\) | – | -| South America \(São Paulo\) | Enterprise, Standard, or Web | -| AWS GovCloud \(US\-East\) | – | -| AWS GovCloud \(US\-West\) | – | \ No newline at end of file + +| Region | RPEV | AWS provided CEV | Customer\-provided CEV | +| --- | --- | --- | --- | +| US East \(Ohio\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| US East \(N\. Virginia\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| US West \(N\. 
California\) | – | – | – | +| US West \(Oregon\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Africa \(Cape Town\) | – | – | – | +| Asia Pacific \(Hong Kong\) | – | – | – | +| Asia Pacific \(Hyderabad\) | – | – | – | +| Asia Pacific \(Jakarta\) | – | – | – | +| Asia Pacific \(Melbourne\) | – | – | – | +| Asia Pacific \(Mumbai\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Asia Pacific \(Osaka\) | – | – | – | +| Asia Pacific \(Seoul\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Asia Pacific \(Singapore\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Asia Pacific \(Sydney\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Asia Pacific \(Tokyo\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Canada \(Central\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| China \(Beijing\) | – | – | – | +| China \(Ningxia\) | – | – | – | +| Europe 
\(Frankfurt\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Europe \(Ireland\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Europe \(London\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Europe \(Milan\) | – | – | – | +| Europe \(Paris\) | – | – | – | +| Europe \(Spain\) | – | – | – | +| Europe \(Stockholm\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| Europe \(Zurich\) | – | – | – | +| Middle East \(Bahrain\) | – | – | – | +| Middle East \(UAE\) | – | – | – | +| South America \(São Paulo\) | Enterprise, Standard, or Web SQL Server 2019 with CU8, CU17, CU18, CU20 | Enterprise, Standard, or Web SQL Server 2019 with CU17, CU18, CU20 | Enterprise or Standard SQL Server 2019 with CU17, CU18, CU20 | +| AWS GovCloud \(US\-East\) | – | – | – | +| AWS GovCloud \(US\-West\) | – | – | – | \ No newline at end of file diff --git a/doc_source/MySQL.Concepts.VersionMgmt.md b/doc_source/MySQL.Concepts.VersionMgmt.md index 7e67fe2..7295b72 100644 --- a/doc_source/MySQL.Concepts.VersionMgmt.md +++ b/doc_source/MySQL.Concepts.VersionMgmt.md 
@@ -23,7 +23,7 @@ Dates with only a month and a year are approximate and are updated with an exact | 8\.0\.32 | 17 January 2023 | 7 February 2023 | March 2024 | | 8\.0\.31 | 11 October 2022 | 10 November 2022 | March 2024 | | 8\.0\.30 | 26 July 2022 | 9 September 2022 | September 2023 | -| 8\.0\.28 | 18 January 2022 | 11 March 2022 | September 2023 | +| 8\.0\.28 | 18 January 2022 | 11 March 2022 | March 2024 | | 5\.7 | | 5\.7\.41 | 17 January 2023 | 7 February 2023 | October 2023 | | 5\.7\.40 | 11 October 2022 | 11 November 2022 | October 2023 | diff --git a/doc_source/Oracle.Concepts.FeatureSupport.md b/doc_source/Oracle.Concepts.FeatureSupport.md index ec9f581..eec106b 100644 --- a/doc_source/Oracle.Concepts.FeatureSupport.md +++ b/doc_source/Oracle.Concepts.FeatureSupport.md @@ -80,9 +80,9 @@ This feature changes to Continuous Query Notification in Oracle Database 12c Rel + Multimedia For more information, see [Oracle Multimedia](Oracle.Options.Multimedia.md)\. -+ Multitenant \(single\-tenant architecture only\) ++ Multitenant \(single\-tenant configuration only\) - This feature is available for all Oracle Database 19c and higher releases\. For more information, see [Overview of RDS for Oracle CDBs](oracle-multitenant.md#Oracle.Concepts.single-tenant) and [Limitations of a single\-tenant CDB](Oracle.Concepts.limitations.md#Oracle.Concepts.single-tenant-limitations)\. + The multitenant architecture is supported for all Oracle Database 19c and higher releases\. For more information, see [Overview of RDS for Oracle CDBs](oracle-multitenant.md#Oracle.Concepts.single-tenant) and [Limitations of a single\-tenant CDB](Oracle.Concepts.limitations.md#Oracle.Concepts.single-tenant-limitations)\. + Network encryption For more information, see [Oracle native network encryption](Appendix.Oracle.Options.NetworkEncryption.md) and [Oracle Secure Sockets Layer](Appendix.Oracle.Options.SSL.md)\. 
@@ -113,6 +113,8 @@ Amazon RDS for Oracle doesn't support the following Oracle Database features: + Automatic Storage Management \(ASM\) + Database Vault + Flashback Database +**Note** +For alternative solutions, see the AWS Database Blog entry [Alternatives to the Oracle flashback database feature in Amazon RDS for Oracle](http://aws.amazon.com/blogs/database/alternatives-to-the-oracle-flashback-database-feature-in-amazon-rds-for-oracle/)\. + FTP and SFTP + Hybrid partitioned tables + Messaging Gateway diff --git a/doc_source/Oracle.Options.OEM.md b/doc_source/Oracle.Options.OEM.md index e19bf72..b975dec 100644 --- a/doc_source/Oracle.Options.OEM.md +++ b/doc_source/Oracle.Options.OEM.md @@ -9,11 +9,11 @@ Amazon RDS supports OEM through the following options\. | Option | Option ID | Supported OEM releases | Supported Oracle Database releases | | --- | --- | --- | --- | -| [OEM Database Express](Appendix.Oracle.Options.OEM_DBControl.md) | `OEM` | OEM Database Express 12c | Oracle Database 19c \(non\-CDB only\) and Oracle Database 12c | -| [OEM Management Agent](Oracle.Options.OEMAgent.md) | `OEM_AGENT` | OEM Cloud Control for 13c OEM Cloud Control for 12c | Oracle Database 19c \(non\-CDB only\) and Oracle Database 12c | +| [OEM Database Express](Appendix.Oracle.Options.OEM_DBControl.md) | `OEM` | OEM Database Express 12c | Oracle Database 19c \(non\-CDB only\) Oracle Database 12c | +| [OEM Management Agent](Oracle.Options.OEMAgent.md) | `OEM_AGENT` | OEM Cloud Control for 13c OEM Cloud Control for 12c | Oracle Database 19c \(non\-CDB only\) Oracle Database 12c | **Note** You can use OEM Database or OEM Management Agent, but not both\. **Note** -These options aren't supported for the single\-tenant architecture\. \ No newline at end of file +These options aren't supported for the Oracle multitenant architecture\. \ No newline at end of file diff --git a/doc_source/Oracle.Options.OLS.md b/doc_source/Oracle.Options.OLS.md index 9df2b3f..a581bf2 100644 
--- a/doc_source/Oracle.Options.OLS.md +++ b/doc_source/Oracle.Options.OLS.md @@ -17,7 +17,7 @@ Familiarize yourself with the following prerequisites for Oracle Label Security: + Your DB instance must use the Bring Your Own License model\. For more information, see [RDS for Oracle licensing options](Oracle.Concepts.Licensing.md)\. + You must have a valid license for Oracle Enterprise Edition with Software Update License and Support\. + Your Oracle license must include the Label Security option\. -+ You must be using the non\-multitenant database architecture rather than the single\-tenant architecture\. For more information, see [Overview of RDS for Oracle CDBs](oracle-multitenant.md#Oracle.Concepts.single-tenant)\. ++ You must be using the non\-multitenant \(non\-CDB\) database architecture\. For more information, see [Overview of RDS for Oracle CDBs](oracle-multitenant.md#Oracle.Concepts.single-tenant)\. ## Adding the Oracle Label Security option diff --git a/doc_source/Overview.Encryption.md b/doc_source/Overview.Encryption.md index f7540d1..713d5ad 100644 --- a/doc_source/Overview.Encryption.md +++ b/doc_source/Overview.Encryption.md 
@@ -18,14 +18,14 @@ For encrypted and unencrypted DB instances, data that is in transit between the Amazon RDS encrypted DB instances provide an additional layer of data protection by securing your data from unauthorized access to the underlying storage\. You can use Amazon RDS encryption to increase data protection of your applications deployed in the cloud, and to fulfill compliance requirements for encryption at rest\. -Amazon RDS also supports encrypting an Oracle or SQL Server DB instance with Transparent Data Encryption \(TDE\)\. TDE can be used with RDS encryption at rest, although using TDE and RDS encryption at rest simultaneously might slightly affect the performance of your database\. You must manage different keys for each encryption method\. For more information on TDE, see [Oracle Transparent Data Encryption](Appendix.Oracle.Options.AdvSecurity.md) or [Support for Transparent Data Encryption in SQL Server](Appendix.SQLServer.Options.TDE.md)\. - For an Amazon RDS encrypted DB instance, all logs, backups, and snapshots are encrypted\. Amazon RDS uses an AWS KMS key to encrypt these resources\. For more information about KMS keys, see [AWS KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys) in the *AWS Key Management Service Developer Guide* and [AWS KMS key management](Overview.Encryption.Keys.md)\. If you copy an encrypted snapshot, you can use a different KMS key to encrypt the target snapshot than the one that was used to encrypt the source snapshot\. A read replica of an Amazon RDS encrypted instance must be encrypted using the same KMS key as the primary DB instance when both are in the same AWS Region\. If the primary DB instance and read replica are in different AWS Regions, you encrypt the read replica using the KMS key for that AWS Region\. You can use an AWS managed key, or you can create customer managed keys\. 
To manage the customer managed keys used for encrypting and decrypting your Amazon RDS resources, you use the [AWS Key Management Service \(AWS KMS\)](https://docs.aws.amazon.com/kms/latest/developerguide/)\. AWS KMS combines secure, highly available hardware and software to provide a key management system scaled for the cloud\. Using AWS KMS, you can create customer managed keys and define the policies that control how these customer managed keys can be used\. AWS KMS supports CloudTrail, so you can audit KMS key usage to verify that customer managed keys are being used appropriately\. You can use your customer managed keys with Amazon Aurora and supported AWS services such as Amazon S3, Amazon EBS, and Amazon Redshift\. For a list of services that are integrated with AWS KMS, see [AWS Service Integration](http://aws.amazon.com/kms/features/#AWS_Service_Integration)\. +Amazon RDS also supports encrypting an Oracle or SQL Server DB instance with Transparent Data Encryption \(TDE\)\. TDE can be used with RDS encryption at rest, although using TDE and RDS encryption at rest simultaneously might slightly affect the performance of your database\. You must manage different keys for each encryption method\. For more information on TDE, see [Oracle Transparent Data Encryption](Appendix.Oracle.Options.AdvSecurity.md) or [Support for Transparent Data Encryption in SQL Server](Appendix.SQLServer.Options.TDE.md)\. + ## Encrypting a DB instance To encrypt a new DB instance, choose **Enable encryption** on the Amazon RDS console\. For information on creating a DB instance, see [Creating an Amazon RDS DB instance](USER_CreateDBInstance.md)\. diff --git a/doc_source/SQLServer.Procedural.Importing.md b/doc_source/SQLServer.Procedural.Importing.md index 5a8fe0e..6c4764e 100644 --- a/doc_source/SQLServer.Procedural.Importing.md +++ b/doc_source/SQLServer.Procedural.Importing.md 
@@ -91,7 +91,7 @@ To set up for native backup and restore, you need three components: You must have an S3 bucket to use for your backup files and then upload backups you want to migrate to RDS\. If you already have an Amazon S3 bucket, you can use that\. If you don't, you can [create a bucket](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/CreatingaBucket.html)\. Alternatively, you can choose to have a new bucket created for you when you add the `SQLSERVER_BACKUP_RESTORE` option by using the AWS Management Console\. - For information on using S3, see the *Amazon Simple Storage Service User Guide* for a simple introduction\. For more depth, see the *Amazon Simple Storage Service User Guide*\. + For information on using S3, see the [Amazon Simple Storage Service User Guide](https://docs.aws.amazon.com/AmazonS3/latest/gsg/) 1. An AWS Identity and Access Management \(IAM\) role to access the bucket\. diff --git a/doc_source/USER_Events.Messages.md b/doc_source/USER_Events.Messages.md index aca0d14..40a31d7 100644 --- a/doc_source/USER_Events.Messages.md +++ b/doc_source/USER_Events.Messages.md @@ -238,6 +238,7 @@ The following table shows the event category and a list of events when an RDS Pr | deletion | RDS\-EVENT\-0205 | RDS deleted DB proxy *name*\. | | | deletion | RDS\-EVENT\-0208 | RDS deleted endpoint *name* for DB proxy *name*\. | | | failure | RDS\-EVENT\-0243 | RDS failed to provision capacity for proxy *name* because there aren't enough IP addresses available in your subnets: *name*\. To fix the issue, make sure that your subnets have the minimum number of unused IP addresses as recommended in the RDS Proxy documentation\. | To determine the recommended number for your instance class, see [Planning for IP address capacity](rds-proxy-setup.md#rds-proxy-network-prereqs.plan-ip-address)\. | +| failure | RDS\-EVENT\-0275 | RDS throttled some connections to DB proxy \(RDS Proxy\)\. | | ## Blue/green deployment events 
diff --git a/doc_source/USER_ReadRepl.md b/doc_source/USER_ReadRepl.md index 66ab471..a4555f3 100644 --- a/doc_source/USER_ReadRepl.md +++ b/doc_source/USER_ReadRepl.md 
@@ -76,7 +76,7 @@ Because Amazon RDS DB engines implement replication differently, there are sever | What is the replication method? | Logical replication\. | Physical replication\. | Physical replication\. | Physical replication\. | | How are transaction logs purged? | RDS for MySQL and RDS for MariaDB keep any binary logs that haven't been applied\. | If a primary DB instance has no cross\-Region read replicas, Amazon RDS for Oracle keeps a minimum of two hours of transaction logs on the source DB instance\. Logs are purged from the source DB instance after two hours or after the archive log retention hours setting has passed, whichever is longer\. Logs are purged from the read replica after the archive log retention hours setting has passed only if they have been successfully applied to the database\. In some cases, a primary DB instance might have one or more cross\-Region read replicas\. If so, Amazon RDS for Oracle keeps the transaction logs on the source DB instance until they have been transmitted and applied to all cross\-Region read replicas\. For information about setting archive log retention hours, see [Retaining archived redo logs](Appendix.Oracle.CommonDBATasks.Log.md#Appendix.Oracle.CommonDBATasks.RetainRedoLogs)\. | PostgreSQL has the parameter `wal_keep_segments` that dictates how many write ahead log \(WAL\) files are kept to provide data to the read replicas\. The parameter value specifies the number of logs to keep\. | The Virtual Log File \(VLF\) of the transaction log file on the primary replica can be truncated after it is no longer required for the secondary replicas\. The VLF can only be marked as inactive when the log records have been hardened in the replicas\. Regardless of how fast the disk subsystems are in the primary replica, the transaction log will keep the VLFs until the slowest replica has hardened it\. | | Can a replica be made writable? | Yes\. You can enable the MySQL or MariaDB read replica to be writable\. | No\. 
An Oracle read replica is a physical copy, and Oracle doesn't allow for writes in a read replica\. You can promote the read replica to make it writable\. The promoted read replica has the replicated data to the point when the request was made to promote it\. | No\. A PostgreSQL read replica is a physical copy, and PostgreSQL doesn't allow for a read replica to be made writable\. | No\. A SQL Server read replica is a physical copy and also doesn't allow for writes\. You can promote the read replica to make it writable\. The promoted read replica has the replicated data up to the point when the request was made to promote it\. | -| Can backups be performed on the replica? | Yes\. Automatic backups and manual snapshots are supported on RDS for MySQL or RDS for MariaDB read replicas\. | Yes\. Automatic backups and manual snapshots are supported on RDS for Oracle read replicas\. | Yes, you can create a manual snapshot of RDS for PostgreSQL read replicas, but automatic backups aren't supported\. | No\. Automatic backups and manual snapshots aren't supported on RDS for SQL Server read replicas\. | +| Can backups be performed on the replica? | Yes\. Automatic backups and manual snapshots are supported on RDS for MySQL or RDS for MariaDB read replicas\. | Yes\. Automatic backups and manual snapshots are supported on RDS for Oracle read replicas\. | Yes, you can create a manual snapshot of RDS for PostgreSQL read replicas\. Automated backups for read replicas are supported for RDS for PostgreSQL 14\.1 and higher versions only\. You can't turn on automated backups for PostgreSQL read replicas for RDS for PostgreSQL versions earlier than 14\.1\. For RDS for PostgreSQL 13 and earlier versions, create a snapshot from a read replica if you want a backup of it\. | No\. Automatic backups and manual snapshots aren't supported on RDS for SQL Server read replicas\. | | Can you use parallel replication? | Yes\. 
All supported MariaDB and MySQL versions allow for parallel replication threads\. | Yes\. Redo log data is always transmitted in parallel from the primary database to all of its read replicas\. | No\. PostgreSQL has a single process handling replication\. | Yes\. Redo log data is always transmitted in parallel from the primary database to all of its read replicas\. | | Can you maintain a replica in a mounted rather than a read\-only state? | No\. | Yes\. The primary use for mounted replicas is cross\-Region disaster recovery\. An Active Data Guard license isn't required for mounted replicas\. For more information, see [Working with read replicas for Amazon RDS for Oracle](oracle-read-replicas.md)\. | No\. | No\. | diff --git a/doc_source/USER_UpgradeDBInstance.Maintenance.md b/doc_source/USER_UpgradeDBInstance.Maintenance.md index cd34656..3194d4b 100644 --- a/doc_source/USER_UpgradeDBInstance.Maintenance.md +++ b/doc_source/USER_UpgradeDBInstance.Maintenance.md 
@@ -226,7 +226,7 @@ To adjust the preferred maintenance window, use the Amazon RDS API [https://docs ## Working with operating system updates -RDS for MariaDB, RDS for MySQL, and RDS for PostgreSQL DB instances occasionally require operating system updates\. Amazon RDS upgrades the operating system to a newer version to improve database performance and customers’ overall security posture\. Typically, the updates take about 10 minutes\. Operating system updates don't change the DB engine version or DB instance class of a DB instance\. +RDS for MariaDB, RDS for MySQL, RDS for PostgreSQL, and RDS for Oracle DB instances occasionally require operating system updates\. Amazon RDS upgrades the operating system to a newer version to improve database performance and customers’ overall security posture\. Typically, the updates take about 10 minutes\. Operating system updates don't change the DB engine version or DB instance class of a DB instance\. Operating system updates can be either optional or mandatory: + An **optional update** can be applied at any time\. While these updates are optional, we recommend that you apply them periodically to keep your RDS fleet up to date\. RDS *does not* apply these updates automatically\. diff --git a/doc_source/UsingWithRDS.IAMDBAuth.md b/doc_source/UsingWithRDS.IAMDBAuth.md index 010f5af..f6e020f 100644 --- a/doc_source/UsingWithRDS.IAMDBAuth.md +++ b/doc_source/UsingWithRDS.IAMDBAuth.md 
@@ -57,6 +57,8 @@ We recommend the following when using IAM database authentication: + Use IAM database authentication when your application requires fewer than 200 new IAM database authentication connections per second\. The database engines that work with Amazon RDS don't impose any limits on authentication attempts per second\. However, when you use IAM database authentication, your application must generate an authentication token\. Your application then uses that token to connect to the DB instance\. If you exceed the limit of maximum new connections per second, then the extra overhead of IAM database authentication can cause connection throttling\. + + Consider using connection pooling in your applications to mitigate constant connection creation\. This can reduce the overhead from IAM DB authentication and allow your applications to reuse existing connections\. Alternatively, consider using RDS Proxy for these use cases\. RDS Proxy has additional costs\. See [RDS Proxy pricing](http://aws.amazon.com/rds/proxy/pricing/)\. + The size of an IAM database authentication token depends on many things including the number of IAM tags, IAM service policies, ARN lengths, as well as other IAM and database properties\. The minimum size of this token is generally about 1 KB but can be larger\. Since this token is used as the password in the connection string to the database using IAM authentication, you should ensure that your database driver \(e\.g\., ODBC\) and/or any tools do not limit or otherwise truncate this token due to its size\. A truncated token will cause the authentication validation done by the database and IAM to fail\. + If you are using temporary credentials when creating an IAM database authentication token, the temporary credentials must still be valid when using the IAM database authentication token to make a connection request\. diff --git a/doc_source/WhatsNew.md b/doc_source/WhatsNew.md index cd5c222..60cae7e 100644 --- a/doc_source/WhatsNew.md 
+++ b/doc_source/WhatsNew.md 
@@ -5,10 +5,11 @@ The following table describes important changes in each release of the *Amazon RDS User Guide* after May 2018\. For notification about updates to this documentation, you can subscribe to an RSS feed\. **Note** -You can filter new Amazon RDS features on the [What's New with Database?](http://aws.amazon.com/about-aws/whats-new/database/) page\. For **Products**, choose **Amazon RDS**\. Then search using keywords such as **RDS Proxy** or **Oracle 2022**\. +You can filter new Amazon RDS features on the [What's New with Database?](http://aws.amazon.com/about-aws/whats-new/database/) page\. For **Products**, choose **Amazon RDS**\. Then search using keywords such as **RDS Proxy** or **Oracle 2023**\. | Change | Description | Date | | --- |--- |--- | +| [RDS Custom for SQL Server supports Bring Your Own Media \(BYOM\)](#WhatsNew) | You can now create a Custom Engine Version \(CEV\) using your own SQL Server media\. For more information, see [Bring Your Own Media with RDS Custom for SQL Server](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-sqlserver.byom.html)\. | June 8, 2023 | | [RDS for Oracle can convert an Oracle Database 19c non\-CDB to a CDB](#WhatsNew) | If your DB instance runs Oracle Database 19c with the April 2021 or higher RU, you can convert a non\-CDB to a CDB \(container database\)\. After you convert the architecture, you can upgrade your 19c CDB to a 21c CDB\. This step is necessary because you can't upgrade your database and convert the architecture using a single command\. For more information, see [ Converting an RDS for Oracle non\-CDB into a CDB](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-multitenant.html#oracle-cdb-converting)\. | May 31, 2023 | | [Update to AWS managed policy permissions](#WhatsNew) | The `AmazonRDSCustomServiceRolePolicy` of the `AWSServiceRoleForRDSCustom` service\-linked role has new permissions that allow RDS Custom to create network interfaces\. 
For more information, see [ Amazon RDS updates to AWS managed policies](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-manpol-updates.html)\. | May 30, 2023 | | [Multi\-AZ DB clusters available in the China Regions](#WhatsNew) | Multi\-AZ DB clusters are now available in the AWS Regions China \(Beijing\) and China \(Ningxia\)\. For more information, see [Multi\-AZ DB clusters](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RDS_Fea_Regions_DB-eng.Feature.MultiAZDBClusters.html)\. | May 30, 2023 | diff --git a/doc_source/blue-green-deployments-overview.md b/doc_source/blue-green-deployments-overview.md index f5f29ae..b5d830a 100644 --- a/doc_source/blue-green-deployments-overview.md +++ b/doc_source/blue-green-deployments-overview.md @@ -59,7 +59,7 @@ Complete the following major steps when you use a blue/green deployment for data 1. Test your staging environment\. - During testing, we recommend that you keep your databases in the green environment read only\. We recommend that you enable write operations on the green environment with caution because they can result in replication conflicts in the green environment\. They can also result in unintended data in the production databases after switchover\. + During testing, we recommend that you keep your databases in the green environment read only\. We recommend that you enable write operations on the green environment with caution because they can result in replication conflicts\. They can also result in unintended data in the production databases after switchover\. 1. When ready, switch over to promote the staging environment to be the new production environment\. For instructions, see [Switching a blue/green deployment](blue-green-deployments-switching.md)\. 
@@ -139,7 +139,7 @@ The following are best practices for blue/green deployments: For example, if your DB engine version supports it, consider using GTID replication, parallel replication, and crash\-safe replication in your production environment before deploying your blue/green deployment\. These options promote consistency and durability of your data before you switch over your blue/green deployment\. For more information about GTID replication for read replicas, see [Using GTID\-based replication for Amazon RDS for MySQL](mysql-replication-gtid.md)\. + Thoroughly test the DB instances in the green environment before switching over\. -+ Keep your databases in the green environment read only\. We recommend that you enable write operations on the green environment with caution because they can result in replication conflicts in the green environment\. They can also result in unintended data in the production databases after switchover\. ++ Keep your databases in the green environment read only\. We recommend that you enable write operations on the green environment with caution because they can result in replication conflicts\. They can also result in unintended data in the production databases after switchover\. + Identify the best time for the switchover\. During the switchover, writes are cut off from databases in both environments\. Identify a time when traffic is lowest on your production environment\. Long\-running transactions, such as active DDLs, can increase your switchover time, resulting in longer downtime for your production workloads\. diff --git a/doc_source/custom-backup-sqlserver.md b/doc_source/custom-backup-sqlserver.md index 0425d8e..0b2cc5c 100644 --- a/doc_source/custom-backup-sqlserver.md +++ b/doc_source/custom-backup-sqlserver.md 
@@ -207,7 +207,7 @@ The transaction logs for each database are uploaded to an S3 bucket named `do-no You can restore an RDS Custom for SQL Server DB instance to a point in time using the AWS Management Console, the AWS CLI, or the RDS API\. -### Console +### Console **To restore an RDS Custom DB instance to a specified time** diff --git a/doc_source/custom-cev-sqlserver.create.md b/doc_source/custom-cev-sqlserver.create.md index 07c110e..82f68df 100644 --- a/doc_source/custom-cev-sqlserver.create.md +++ b/doc_source/custom-cev-sqlserver.create.md @@ -1,11 +1,14 @@ # Creating a CEV for RDS Custom for SQL Server -You can create a custom engine version \(CEV\) using the AWS Management Console or the AWS CLI\. You can then use the CEV to create an RDS Custom for SQL Server DB instance\. +You can create a custom engine version \(CEV\) using the AWS Management Console or the AWS CLI\. You can then use the CEV to create an RDS Custom for SQL Server DB instance\. Make sure that the Amazon Machine Image \(AMI\) is in the same AWS account and Region as your CEV\. Otherwise, the process to create a CEV fails\. For more information, see [Creating and connecting to a DB instance for Amazon RDS Custom for SQL Server](custom-creating-sqlserver.md)\. +**Important** +The steps to create a CEV are the same for AMIs created with pre\-installed SQL Server and those created using bring your own media \(BYOM\)\. + ## Console **To create a CEV** diff --git a/doc_source/custom-cev-sqlserver.md b/doc_source/custom-cev-sqlserver.md index ea96922..12ec7c9 100644 --- a/doc_source/custom-cev-sqlserver.md +++ b/doc_source/custom-cev-sqlserver.md 
@@ -1,8 +1,22 @@ # Working with custom engine versions for RDS Custom for SQL Server -A *custom engine version \(CEV\)* for RDS Custom for SQL Server is an Amazon Machine Image \(AMI\) with pre\-installed Microsoft SQL Server\. You choose an AWS EC2 Windows AMI to use as a base image and can install other software on the operating system \(OS\)\. You can customize the configuration of the OS and SQL Server to meet your enterprise needs\. You save the AMI as a golden image to create a CEV from and then create new RDS Custom for SQL Server DB instances by using that CEV\. Amazon RDS then manages these DB instances for you\. +A *custom engine version \(CEV\)* for RDS Custom for SQL Server is an Amazon Machine Image \(AMI\) that includes Microsoft SQL Server\. -A CEV allows you to maintain your preferred baseline configuration of the OS and database\. Using a CEV ensures that the host configuration, such as any third\-party agent installation or other OS customizations, are persisted on RDS Custom for SQL Server DB instances\. Additionally, a CEV lets you quickly deploy fleets of RDS Custom for SQL Server DB instances with the same configuration\. +**The basic steps of the CEV workflow are as follows:** + +1. Choose an AWS EC2 Windows AMI to use as a base image for a CEV\. You have the option to use pre\-installed Microsoft SQL Server, or bring your own media to install SQL Server yourself\. + +1. Install other software on the operating system \(OS\) and customize the configuration of the OS and SQL Server to meet your enterprise needs\. + +1. Save the AMI as a golden image + +1. Create a custom engine version \(CEV\) from your golden image\. + +1. Create new RDS Custom for SQL Server DB instances by using your CEV\. + +Amazon RDS then manages these DB instances for you\. + +A CEV allows you to maintain your preferred baseline configuration of the OS and database\. 
Using a CEV ensures that the host configuration, such as any third\-party agent installation or other OS customizations, are persisted on RDS Custom for SQL Server DB instances\. With a CEV, you can quickly deploy fleets of RDS Custom for SQL Server DB instances with the same configuration\. **Topics** + [Preparing to create a CEV for RDS Custom for SQL Server](custom-cev-sqlserver.preparing.md) diff --git a/doc_source/custom-cev-sqlserver.preparing.md b/doc_source/custom-cev-sqlserver.preparing.md index f1b827a..2dffa06 100644 --- a/doc_source/custom-cev-sqlserver.preparing.md +++ b/doc_source/custom-cev-sqlserver.preparing.md 
@@ -1,21 +1,38 @@ # Preparing to create a CEV for RDS Custom for SQL Server -To create a CEV using SQL Server CU17, use the following basic steps: +You can create a CEV using an Amazon Machine Image \(AMI\) that contains pre\-installed, License Included \(LI\) Microsoft SQL Server, or with an AMI on which you install your own SQL Server installation media \(BYOM\)\. -1. Choose an AWS EC2 Windows Amazon Machine Image \(AMI\) with license\-included \(LI\) Microsoft Windows Server and SQL Server\. +**Contents** ++ [Preparing a CEV using pre\-installed SQL Server \(LI\)](#custom-cev-sqlserver.preparing.licenseincluded) ++ [Preparing a CEV using Bring Your Own Media \(BYOM\)](#custom-cev-sqlserver.preparing.byom) ++ [Region availability for RDS Custom for SQL Server CEVs](#custom-cev-sqlserver.preparing.RegionVersionAvailability) ++ [Version support for RDS Custom for SQL Server CEVs](#custom-cev-sqlserver.preparing.VersionSupport) ++ [Requirements for RDS Custom for SQL Server CEVs](#custom-cev-sqlserver.preparing.Requirements) ++ [Limitations for RDS Custom for SQL Server CEVs](#custom-cev-sqlserver.preparing.Limitations) + +## Preparing a CEV using pre\-installed SQL Server \(LI\) + +The following steps to create a CEV using pre\-installed Microsoft SQL Server \(LI\) use an AMI with **SQL Server CU20** Release number `2023.05.10` as an example\. When you create a CEV, choose an AMI with the most recent release number\. This ensures that you are using a supported version of Windows Server and SQL Server with the latest Cumulative Update \(CU\)\. + +**To create a CEV using pre\-installed Microsoft SQL Server \(LI\)** + +1. Choose the latest available AWS EC2 Windows Amazon Machine Image \(AMI\) with License Included \(LI\) Microsoft Windows Server and SQL Server\. - 1. Search for **CU17** within the [Windows AMI version history](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-ami-version-history.html)\. + 1. 
Search for **CU20** within the [Windows AMI version history](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-ami-version-history.html)\. - 1. Take note of the Release number\. For SQL Server 2019 CU17, it’s `2022.09.14`\. + 1. Note the Release number\. For SQL Server 2019 CU20, the release number is `2023.05.10`\. +![\[AMI version history result for SQL Server 2019 CU20.\]](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/images/rds_custom_sqlserver_cev_find_ami_history_li_cu20.png) + + 1. Open the Amazon EC2 console at [https://console\.aws\.amazon\.com/ec2/](https://console.aws.amazon.com/ec2/)\. 1. In the left navigation panel of the Amazon EC2 console choose **Images**, then **AMIs**\. - 1. Choose **Public images** from the drop\-down menu\. + 1. Choose **Public images**\. - 1. Enter `2022.09.14` into the search box\. A list of AMIs will be returned\. + 1. Enter `2023.05.10` into the search box\. A list of AMIs appears\. 1. Enter `Windows_Server-2019-English-Full-SQL_2019` into the search box to filter the results\. The following results should appear\. -![\[Supported AMIs using SQL Server 2019 CU17.\]](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/images/rds_custom_sqlserver_cev_find_ami.png) +![\[Supported AMIs using SQL Server 2019 CU20.\]](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/images/rds_custom_sqlserver_cev_find_ami_li_cu.png) 1. Choose the AMI with the SQL Server edition that you want to use\. 
@@ -25,18 +42,74 @@ To create a CEV using SQL Server CU17, use the following basic steps: 1. Run Sysprep on the EC2 instance\. For more information prepping an AMI using Sysprep, see [Create a standardized Amazon Machine Image \(AMI\) using Sysprep](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html#sysprep-using-ec2launchv2)\. -1. Save the AMI as your golden image that contains your software and other customizations\. +1. Save the AMI that contains your installed SQL Server version, other software, and customizations\. This will be your golden image\. 1. Create a new CEV by providing the AMI ID of the image that you created\. For detailed steps on creating a CEV, see [Creating a CEV for RDS Custom for SQL Server](custom-cev-sqlserver.create.md)\. -1. Create a new RDS Custom for SQL Server DB instance using the CEV\. For detailed steps on creating a RDS Custom for SQL Server DB instance using a CEV, see [Create an RDS Custom for SQL Server DB instance from a CEV](custom-cev-sqlserver.create.md#custom-cev-sqlserver.create.newdbinstance)\. +1. Create a new RDS Custom for SQL Server DB instance using the CEV\. For detailed steps, see [Create an RDS Custom for SQL Server DB instance from a CEV](custom-cev-sqlserver.create.md#custom-cev-sqlserver.create.newdbinstance)\. -**Contents** -+ [Region and version availability](#custom-cev-sqlserver.preparing.RegionVersionAvailability) -+ [Requirements](#custom-cev-sqlserver.preparing.Requirements) -+ [Limitations](#custom-cev-sqlserver.preparing.Limitations) +## Preparing a CEV using Bring Your Own Media \(BYOM\) + +The following steps use an AMI with **Windows Server 2019** Release number `2023.05.10` as an example\. When creating a CEV, choose an AMI with the most recent release number\. This ensures that you are using the latest supported version of Windows Server\. + +**To create a CEV using BYOM** -## Region and version availability +1. 
Choose the latest available AWS EC2 Windows Amazon Machine Image \(AMI\) with Microsoft Windows Server\. + + 1. View the monthly AMI updates table within the [Windows AMI version history](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-ami-version-history.html)\. + + 1. Note the latest available **Release** number\. For example, the release number for **Windows Server 2019** might be `2023.05.10`\. Although the **Changes** column may show `SQL Server CUs installed`, the release number also includes an AMI for **Windows Server 2019**, without SQL Server pre\-installed\. You can use this AMI for BYOM\. +![\[Windows AMI version history using Windows Server for BYOM.\]](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/images/rds_custom_sqlserver_cev_find_ami_byom_windows_server_base_no_cu.png) + + 1. Open the Amazon EC2 console at [https://console\.aws\.amazon\.com/ec2/](https://console.aws.amazon.com/ec2/)\. + + 1. In the left navigation panel of the Amazon EC2 console, choose **Images**, then **AMIs**\. + + 1. Choose **Public images**\. + + 1. Enter `Windows_Server-2019-English-Full-Base-2023.05.10` into the search box\. The following results should appear: +![\[Supported AMIs using Windows Server for BYOM.\]](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/images/rds_custom_sqlserver_cev_find_ami_byom_windows_server_cu20.png) + + 1. Choose the AMI with the supported Windows Server version that you want to use\. + +1. Create or launch an EC2 instance from your chosen AMI\. + +1. Log in to the EC2 instance and copy your SQL Server installation media to it\. + +1. Install SQL Server\. Make sure that you do the following: + + 1. Review [Requirements for BYOM for RDS Custom for SQL Server](custom-sqlserver.byom.md#custom-sqlserver.byom.requirements)\. + + 1. Set the instance root directory to the default `C:\Program Files\Microsoft SQL Server\`\. Don't change this directory\. + + 1. 
Set the SQL Server Database Engine Account Name to either `NT Service\MSSQLSERVER` or `NT AUTHORITY\NETWORK SERVICE`\. + + 1. Set the SQL Server Startup mode to **Manual**\. + + 1. Choose SQL Server Authentication mode as **Mixed**\. + + 1. Leave the current settings for the default Data directories and TempDB locations\. + +1. Grant the SQL Server sysadmin \(SA\) server role privilege to `NT AUTHORITY\SYSTEM`: + + ``` + 1. USE [master] + 2. GO + 3. EXEC master..sp_addsrvrolemember @loginame = N'NT AUTHORITY\SYSTEM' , @rolename = N'sysadmin' + 4. GO + ``` + +1. Install additional software or customize the OS and database configuration to meet your requirements\. + +1. Run Sysprep on the EC2 instance\. For more information, see [Create a standardized Amazon Machine Image \(AMI\) using Sysprep](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html#sysprep-using-ec2launchv2)\. + +1. Save the AMI that contains your installed SQL Server version, other software, and customizations\. This will be your golden image\. + +1. Create a new CEV by providing the AMI ID of the image that you created\. For detailed steps, see [Creating a CEV for RDS Custom for SQL Server](custom-cev-sqlserver.create.md)\. + +1. Create a new RDS Custom for SQL Server DB instance using the CEV\. For detailed steps, see [Create an RDS Custom for SQL Server DB instance from a CEV](custom-cev-sqlserver.create.md#custom-cev-sqlserver.create.newdbinstance)\. + +## Region availability for RDS Custom for SQL Server CEVs Custom engine version \(CEV\) support for RDS Custom for SQL Server is available in the following AWS Regions: + US East \(Ohio\) 
@@ -47,44 +120,50 @@ Custom engine version \(CEV\) support for RDS Custom for SQL Server is available + Asia Pacific \(Singapore\) + Asia Pacific \(Sydney\) + Asia Pacific \(Tokyo\) ++ Canada \(Central\) + Europe \(Frankfurt\) + Europe \(Ireland\) + Europe \(London\) + Europe \(Stockholm\) ++ South America \(São Paulo\) + +## Version support for RDS Custom for SQL Server CEVs -CEV creation for RDS Custom for SQL Server is supported for the following AWS EC2 Windows Amazon Machine Images \(AMI\): -+ AWS EC2 Windows AMIs with license\-included \(LI\) Microsoft Windows Server and SQL Server 2019 +CEV creation for RDS Custom for SQL Server is supported for the following AWS EC2 Windows AMIs: ++ For CEVs using pre\-installed media, AWS EC2 Windows AMIs with License Included \(LI\) Microsoft Windows Server 2019 and SQL Server 2019 ++ For CEVs using bring your own media \(BYOM\), AWS EC2 Windows AMIs with Microsoft Windows Server 2019 -CEV for RDS Custom for SQL Server is supported for the following operating system \(OS\) and database editions: -+ SQL Server 2019 with CU17, for Enterprise, Standard, and Web editions -+ Windows Server 2019 +CEV creation for RDS Custom for SQL Server is supported for the following operating system \(OS\) and database editions: ++ For CEVs using pre\-installed media, SQL Server 2019 with CU17, CU18, or CU20, for Enterprise, Standard, and Web editions ++ For CEVs using bring your own media \(BYOM\), SQL Server 2019 with CU17, CU18, or CU20, for Enterprise and Standard editions ++ For CEVs using pre\-installed media or bring your own media \(BYOM\), Windows Server 2019 is the only supported OS -## Requirements +## Requirements for RDS Custom for SQL Server CEVs The following requirements apply to creating a CEV for RDS Custom for SQL Server: -+ The AMI used to create a CEV is based on an OS and database configuration supported by RDS Custom for SQL Server\. 
For more information on supported configurations, see [Requirements and limitations for Amazon RDS Custom for SQL Server](custom-reqs-limits-MS.md)\. ++ The AMI used to create a CEV must be based on an OS and database configuration supported by RDS Custom for SQL Server\. For more information on supported configurations, see [Requirements and limitations for Amazon RDS Custom for SQL Server](custom-reqs-limits-MS.md)\. + The CEV must have a unique name\. You can't create a CEV with the same name as an existing CEV\. + You must name the CEV using a naming pattern of SQL Server *major version \+ minor version \+ customized string*\. The *major version \+ minor version* must match the SQL Server version provided with the AMI\. For example, you can name an AMI with SQL Server 2019 CU17 as **15\.00\.4249\.2\.my\_cevtest**\. + You must prepare an AMI using Sysprep\. For more information about prepping an AMI using Sysprep, see [Create a standardized Amazon Machine Image \(AMI\) using Sysprep](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Creating_EBSbacked_WinAMI.html#sysprep-using-ec2launchv2)\. + You are responsible for maintaining the life cycle of the AMI\. An RDS Custom for SQL Server DB instance created from a CEV doesn't store a copy of the AMI\. It maintains a pointer to the AMI that you used to create the CEV\. The AMI must exist for an RDS Custom for SQL Server DB instance to remain operable\. -## Limitations +## Limitations for RDS Custom for SQL Server CEVs -The following limitations apply to custom engine versions with RDS Custom for SQL Server +The following limitations apply to custom engine versions with RDS Custom for SQL Server: + You can't delete a CEV if there are resources, such as DB instances or DB snapshots, associated with it\. -+ To create an RDS Custom for SQL Server DB instance, a CEV must have a status of either `pending-validation`, `available`, `failed`, or `validating`\. 
A RDS Custom for SQL Server DB instance cannot be created using a CEV if the CEV status is `incompatible-image-configuration`\. -+ To modify a RDS Custom for SQL Server DB instance to use a new CEV, a CEV must have a status of `available`\. -+ Creating an AMI or CEV from an existing RDS Custom for SQL Server DB instance isn't supported\. -+ After it is created, a CEV can't be modified to use a different AMI\. However, you can modify an RDS Custom for SQL Server DB instance to use a different CEV\. For more information, see [Modifying an RDS Custom for SQL Server DB instance](custom-managing-sqlserver.md#custom-managing.modify-sqlserver)\. ++ To create an RDS Custom for SQL Server DB instance, a CEV must have a status of `pending-validation`, `available`, `failed`, or `validating`\. You can't create an RDS Custom for SQL Server DB instance using a CEV if the CEV status is `incompatible-image-configuration`\. ++ To modify a RDS Custom for SQL Server DB instance to use a new CEV, the CEV must have a status of `available`\. ++ You can't create an AMI or CEV from an existing RDS Custom for SQL Server DB instance\. ++ You can't modify an existing CEV to use a different AMI\. However, you can modify an RDS Custom for SQL Server DB instance to use a different CEV\. For more information, see [Modifying an RDS Custom for SQL Server DB instance](custom-managing-sqlserver.md#custom-managing.modify-sqlserver)\. + Cross\-Region copy of CEVs isn't supported\. + Cross\-account copy of CEVs isn't supported\. + SQL Server Transparent Data Encryption \(TDE\) isn't supported\. -+ After you delete a CEV, it can't be restored or recovered\. However, you can create a new CEV from the same AMI\. ++ You can't restore or recover a CEV after you delete it\. However, you can create a new CEV from the same AMI\. + A RDS Custom for SQL Server DB instance stores your SQL Server database files in the *D:\\*drive\. 
The AMI associated with a CEV should store the Microsoft SQL Server system database files in the *C:\\* drive\. -+ An RDS Custom for SQL Server DB instance retains your configuration changes made to SQL Server\. Any configuration changes to the OS on a running RDS Custom for SQL Server DB Instance created from a CEV aren't retained\. If you need to make a permanent configuration change to the OS and have it retained as your new baseline configuration, create a new CEV and modify the DB instance to use the new CEV\. ++ An RDS Custom for SQL Server DB instance retains your configuration changes made to SQL Server\. Any configuration changes to the OS on a running RDS Custom for SQL Server DB instance created from a CEV aren't retained\. If you need to make a permanent configuration change to the OS and have it retained as your new baseline configuration, create a new CEV and modify the DB instance to use the new CEV\. **Important** Modifying an RDS Custom for SQL Server DB instance to use a new CEV is an offline operation\. You can perform the modification immediately or schedule it to occur during a weekly maintenance window\. -+ Updated CEVs don't get pushed to any associated RDS Custom for SQL Server DB instances\. You must modify each RDS Custom for SQL Server DB instance to use the new or updated CEV\. For more information, see [Modifying an RDS Custom for SQL Server DB instance](custom-managing-sqlserver.md#custom-managing.modify-sqlserver)\. ++ When you modify a CEV, Amazon RDS doesn't push those modifications to any associated RDS Custom for SQL Server DB instances\. You must modify each RDS Custom for SQL Server DB instance to use the new or updated CEV\. For more information, see [Modifying an RDS Custom for SQL Server DB instance](custom-managing-sqlserver.md#custom-managing.modify-sqlserver)\. + **Important** If an AMI used by a CEV is deleted, any modifications that may require host replacement, for example, scale compute, will fail\. 
The RDS Custom for SQL Server DB instance will then be placed outside of the RDS support perimeter\. We recommend that you avoid deleting any AMI that's associated to a CEV\. \ No newline at end of file diff --git a/doc_source/custom-reqs-limits-MS.md b/doc_source/custom-reqs-limits-MS.md index 83e61bc..229493c 100644 --- a/doc_source/custom-reqs-limits-MS.md +++ b/doc_source/custom-reqs-limits-MS.md @@ -10,7 +10,7 @@ Following, you can find a summary of the Amazon RDS Custom for SQL Server requir ## Region and version availability -Feature availability and support varies across specific versions of each database engine, and across AWS Regions\. For more information on version and Region availability of Amazon RDS with Amazon RDS Custom for SQL Server, see [RDS Custom](Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.md)\. +Feature availability and support varies across specific versions of each database engine, and across AWS Regions\. For more information on version and Region availability of Amazon RDS with Amazon RDS Custom for SQL Server, see [RDS Custom for SQL Server](Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.md#Concepts.RDS_Fea_Regions_DB-eng.Feature.RDSCustom.sq)\. ## General requirements for RDS Custom for SQL Server diff --git a/doc_source/custom-security.md b/doc_source/custom-security.md index ff215bf..dcccd1f 100644 --- a/doc_source/custom-security.md +++ b/doc_source/custom-security.md 
@@ -3,9 +3,27 @@ Familiarize yourself with the security considerations for RDS Custom\. **Topics** ++ [How RDS Custom securely manages tasks on your behalf](#custom-security.security-tools) + [Securing your Amazon S3 bucket against the confused deputy problem](#custom-security.confused-deputy) + [Rotating RDS Custom for Oracle credentials for compliance programs](#custom-security.cred-rotation) +## How RDS Custom securely manages tasks on your behalf + +RDS Custom uses the following tools and techniques to secure your DB instance: + +**AWSServiceRoleForRDSCustom service\-linked role** +A *service\-linked role* is predefined by the service and includes all permissions that the service needs to call other AWS services on your behalf\. For RDS Custom, `AWSServiceRoleForRDSCustom` is a service\-linked role that is defined according to the principle of least privilege\. RDS Custom uses the permissions in `AmazonRDSCustomServiceRolePolicy`, which is the policy attached to this role, to perform most provisioning and all off\-host management tasks\. For more information, see [AmazonRDSCustomServiceRolePolicy](https://docs.aws.amazon.com/aws-managed-policy/latest/reference/AmazonRDSCustomServiceRolePolicy.html)\. +When it performs tasks on the host, RDS Custom automation uses credentials from the service\-linked role to run commands using AWS Systems Manager\. You can audit the command history through the Systems Manager command history and AWS CloudTrail\. Systems Manager connects to your RDS Custom DB instance using your networking setup\. For more information, see [Step 3: Configure IAM and your Amazon VPC](custom-setup-orcl.md#custom-setup-orcl.iam-vpc)\. + +**Temporary IAM credentials** +When provisioning or deleting resources, RDS Custom sometimes uses temporary credentials derived from the credentials of the calling IAM principal\. These IAM credentials are restricted by the IAM policies attached to that principal and expire after the operation is completed\. 
To learn about the permissions required for IAM principals who use RDS Custom, see [Step 4: Grant required permissions to your IAM user or role](custom-setup-orcl.md#custom-setup-orcl.iam-user)\. + +**Amazon EC2 instance profile** +An EC2 instance profile is a container for an IAM role that you can use to pass role information to an EC2 instance\. An EC2 instance underlies an RDS Custom DB instance\. You provide an instance profile when you create an RDS Custom DB instance\. RDS Custom uses EC2 instance profile credentials when it performs host\-based management tasks such as backups\. For more information, see [Create your IAM role and instance profile manually](custom-setup-orcl.md#custom-setup-orcl.iam)\. + +**SSH key pair** +When RDS Custom creates the EC2 instance that underlies a DB instance, it creates an SSH key pair on your behalf\. The key uses the naming prefix `do-not-delete-rds-custom-ssh-privatekey-db-`\. AWS Secrets Manager stores this SSH private key as a secret in your AWS account\. Amazon RDS doesn't store, access, or use these credentials\. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html)\. + ## Securing your Amazon S3 bucket against the confused deputy problem When you create an Amazon RDS Custom for Oracle custom engine version \(CEV\) or an RDS Custom for SQL Server DB instance, RDS Custom creates an Amazon S3 bucket\. The S3 bucket stores files such as CEV artifacts, redo \(transaction\) logs, configuration items for the support perimeter, and AWS CloudTrail logs\. diff --git a/doc_source/custom-sqlserver.byom.md b/doc_source/custom-sqlserver.byom.md new file mode 100644 index 0000000..c326a54 --- /dev/null +++ b/doc_source/custom-sqlserver.byom.md 
@@ -0,0 +1,45 @@ +# Bring Your Own Media with RDS Custom for SQL Server + +RDS Custom for SQL Server supports two licensing models: License Included \(LI\) and Bring Your Own Media \(BYOM\)\. + +**With BYOM, you can do the following:** + +1. Provide and install your own Microsoft SQL Server binaries with supported cumulative updates \(CU\) on an AWS EC2 Windows AMI\. + +1. Save the AMI as a golden image, which is a template that you can use to create a custom engine version \(CEV\)\. + +1. Create a CEV from your golden image\. + +1. Create new RDS Custom for SQL Server DB instances by using your CEV\. + +Amazon RDS then manages your DB instances for you\. + +**Note** +If you also have a License Included \(LI\) RDS Custom for SQL Server DB instance, you can't use the SQL Server software from this DB instance with BYOM\. You must bring your own SQL Server binaries to BYOM\. + +## Requirements for BYOM for RDS Custom for SQL Server + +The same general requirements for custom engine versions with RDS Custom for SQL Server also apply to BYOM\. For more information, see [Requirements for RDS Custom for SQL Server CEVs](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.Requirements)\. + +When using BYOM, make you sure that you meet the following additional requirements: ++ Use only SQL Server 2019 Enterprise and Standard edition\. These are the only supported editions\. ++ Grant the SQL Server sysadmin \(SA\) server role privilege to `NT AUTHORITY\SYSTEM`\. ++ Keep the Windows Server OS configured with `UTC` time\. + + Amazon EC2 Windows instances are set to the UTC time zone by default\. For more information about viewing and changing the time for a Windows instance, see [Set the time for a Windows instance](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/windows-set-time.html)\. ++ Open TCP port 1433 and UDP port 1434 to allow SSM connections\. 
+ +## Limitations of BYOM for RDS Custom for SQL Server + +The same general limitations for RDS Custom for SQL Server also apply to BYOM\. For more information, see [Requirements and limitations for Amazon RDS Custom for SQL Server](custom-reqs-limits-MS.md)\. + +With BYOM, the following additional limitations apply: ++ Only the default SQL Server instance \(MSSQLSERVER\) is supported\. Named SQL Server instances aren't supported\. RDS Custom for SQL Server detects and monitors only the default SQL Server instance\. ++ Only a single installation of SQL Server is supported on each AMI\. Multiple installations of different SQL Server versions aren't supported\. ++ SQL Server Web edition isn't supported with BYOM\. ++ Evaluation versions of SQL Server editions aren't supported with BYOM\. When you install SQL Server, don't select the checkbox for using an evaluation version\. ++ Feature availability and support varies across specific versions of each database engine, and across AWS Regions\. For more information, see [Region availability for RDS Custom for SQL Server CEVs](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.RegionVersionAvailability) and [Version support for RDS Custom for SQL Server CEVs](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.VersionSupport)\. + +## Creating an RDS Custom for SQL Server DB instance with BYOM + +To prepare and create an RDS Custom for SQL Server DB instance with BYOM, see [Preparing a CEV using Bring Your Own Media \(BYOM\)](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.byom)\. \ No newline at end of file diff --git a/doc_source/custom-troubleshooting.md b/doc_source/custom-troubleshooting.md index 14d3f15..5b1c15e 100644 --- a/doc_source/custom-troubleshooting.md +++ b/doc_source/custom-troubleshooting.md 
@@ -89,10 +89,11 @@ Use the following information to help you address possible causes\. | `Image (AMI_ID) doesn't exist in your account (ACCOUNT_ID). Verify (ACCOUNT_ID) is the owner of the EC2 image.` | Ensure the AMI exists in the same customer account\. | | `Image id (AMI_ID) isn't valid. Specify a valid image id, and try again.` | The name of the AMI is incorrect\. Ensure the correct AMI ID is provided\. | | `Image (AMI_ID) operating system platform isn't supported. Specify a valid image, and try again.` | Choose a supported AMI that has Windows Server with SQL Server Enterprise, Standard, or Web edition\. Choose an AMI with one of the following usage operation codes from the EC2 Marketplace: [\[See the AWS documentation website for more details\]](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-troubleshooting.html) | +| `SQL Server Web Edition isn't supported for creating a Custom Engine Version using Bring Your Own Media. Specify a valid image, and try again.` | Use an AMI that contains a supported edition of SQL Server\. For more information, see [Version support for RDS Custom for SQL Server CEVs](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.VersionSupport)\. | | `The custom engine version can't be the same as the OEV engine version. Specify a valid CEV, and try again.` | Classic RDS Custom for SQL Server engine versions aren't supported\. For example, version **15\.00\.4073\.23\.v1**\. Use a supported version number\. | | `The custom engine version isn't in an active state. Specify a valid CEV, and try again.` | The CEV must be in an `AVAILABLE` state to complete the operation\. Modify the CEV from `INACTIVE` to `AVAILABLE`\. | -| `The custom engine version isn't valid for an upgrade. Specify a valid CEV with an engine version greater or equal to (X), and try again.` | The target CEV is not valid\. Check the requirements for a valid upgrade path\. 
For more information, see \(link needed here\) | -| `The custom engine version isn't valid. Names can include only lowercase letters (a-z), dashes (-), underscores (_), and periods (.). Specify a valid CEV, and try again.` | Follow the required CEV naming convention\. For more information, see [Requirements](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.Requirements)\. | +| `The custom engine version isn't valid for an upgrade. Specify a valid CEV with an engine version greater or equal to (X), and try again.` | The target CEV is not valid\. Check the requirements for a valid upgrade path\. | +| `The custom engine version isn't valid. Names can include only lowercase letters (a-z), dashes (-), underscores (_), and periods (.). Specify a valid CEV, and try again.` | Follow the required CEV naming convention\. For more information, see [Requirements for RDS Custom for SQL Server CEVs](custom-cev-sqlserver.preparing.md#custom-cev-sqlserver.preparing.Requirements)\. | | `The custom engine version isn't valid. Specify valid database engine version, and try again. Example: 15.00.4073.23-cev123.` | An unsupported DB engine version was provided\. Use a supported DB engine version\. | | `The expected architecture is (X) for image (AMI_ID), but architecture (Y) was found.` | Use an AMI built on the **x86\_64** architecture\. | | `The expected owner of image (AMI_ID) is customer account ID (ACCOUNT_ID), but owner (ACCOUNT_ID) was found.` | Create the EC2 instance from the AMI that you have permission for\. Run Sysprep on the EC2 instance to create and save a base image\. | diff --git a/doc_source/index.md b/doc_source/index.md index b27cdc2..850055f 100644 --- a/doc_source/index.md +++ b/doc_source/index.md 
@@ -224,6 +224,7 @@ sponsored by Amazon. + [RDS Custom for SQL Server workflow](custom-sqlserver.workflow.md) + [Requirements and limitations for Amazon RDS Custom for SQL Server](custom-reqs-limits-MS.md) + [Setting up your environment for Amazon RDS Custom for SQL Server](custom-setup-sqlserver.md) + + [Bring Your Own Media with RDS Custom for SQL Server](custom-sqlserver.byom.md) + [Working with custom engine versions for RDS Custom for SQL Server](custom-cev-sqlserver.md) + [Preparing to create a CEV for RDS Custom for SQL Server](custom-cev-sqlserver.preparing.md) + [Creating a CEV for RDS Custom for SQL Server](custom-cev-sqlserver.create.md) diff --git a/doc_source/oracle-multi-architecture.md b/doc_source/oracle-multi-architecture.md index 489f98d..ab8a449 100644 --- a/doc_source/oracle-multi-architecture.md +++ b/doc_source/oracle-multi-architecture.md 
@@ -2,7 +2,10 @@ The multitenant architecture enables an Oracle database to function as a multitenant container database \(CDB\)\. A CDB can include customer\-created pluggable databases \(PDBs\)\. A non\-CDB is an Oracle database that uses the traditional architecture, which can't contain PDBs\. For more information about the multitenant architecture, see [https://docs.oracle.com/en/database/oracle/oracle-database/19/multi/introduction-to-the-multitenant-architecture.html#GUID-267F7D12-D33F-4AC9-AA45-E9CD671B6F22](https://docs.oracle.com/en/database/oracle/oracle-database/19/multi/introduction-to-the-multitenant-architecture.html#GUID-267F7D12-D33F-4AC9-AA45-E9CD671B6F22)\. -For Oracle Database 19c and higher, RDS for Oracle supports a subset of multitenant architecture called the single\-tenant architecture\. In this case, your CDB contains only one PDB\. The single\-tenant architecture uses the same RDS APIs as the non\-CDB architecture\. Your experience with a non\-CDB is mostly identical to your experience with a PDB\. You can't access the CDB itself\. +For Oracle Database 19c and higher, RDS for Oracle supports the single\-tenant configuration of the multitenant architecture\. In this case, your CDB contains only one PDB\. The single\-tenant configuration of the multitenant architecture uses the same RDS APIs as the non\-CDB architecture\. Thus, your experience with a PDB is mostly identical to your experience with a non\-CDB\. + +**Note** +You can't access the CDB itself\. In Oracle Database 21c and higher, all databases are CDBs\. In contrast, you can create an Oracle Database 19c DB instance as either a CDB or non\-CDB\. You can't upgrade a non\-CDB to a CDB, but you convert an Oracle Database 19c non\-CDB to a CDB, and then upgrade it\. You can't convert a CDB to a non\-CDB\. diff --git a/doc_source/oracle-multitenant.md b/doc_source/oracle-multitenant.md index 1160d3b..9b3f4c1 100644 --- a/doc_source/oracle-multitenant.md 
+++ b/doc_source/oracle-multitenant.md @@ -13,7 +13,7 @@ In the Oracle multitenant architecture, a container database \(CDB\) can include You can create an RDS for Oracle DB instance as a container database \(CDB\) when you run Oracle Database 19c or higher\. A CDB differs from a non\-CDB because it can contain pluggable databases \(PDBs\)\. A PDB is a portable collection of schemas and objects that appears to an application as a separate database\. -Starting with Oracle Database 21c, all databases are CDBs\. If your DB instance runs Oracle Database 19c, you can create either a CDB or a non\-CDB\. A non\-CDB uses the traditional Oracle database architecture and can't contain PDBs\. You can convert an Oracle Database 19c non\-CDB to a CDB, but you can't convert a CDB to a non\-CDB\. +Starting with Oracle Database 21c, all databases are CDBs\. If your DB instance runs Oracle Database 19c, you can create either a CDB or a non\-CDB\. A non\-CDB uses the traditional Oracle database architecture and can't contain PDBs\. You can convert an Oracle Database 19c non\-CDB to a CDB, but you can't convert a CDB to a non\-CDB\. You can only upgrade a CDB to a CDB\. **Topics** + [Single\-tenant configuration](#single-tenant-access) 
@@ -26,7 +26,7 @@ Starting with Oracle Database 21c, all databases are CDBs\. If your DB instance RDS for Oracle supports the single\-tenant configuration of the Oracle multitenant architecture\. This means that an RDS for Oracle DB instance can contain only one PDB\. You name the PDB when you create your DB instance\. The CDB name defaults to `RDSCDB` and can't be changed\. -In RDS for Oracle, you interact with the PDB rather than the CDB\. Your experience with a PDB is mostly identical to your experience with a non\-CDB\. You use the same Amazon RDS APIs in the single\-tenant configuration as you do in the non\-CDB architecture\. You can't access the CDB itself\. +In RDS for Oracle, your client application interacts with the PDB rather than the CDB\. Your experience with a PDB is mostly identical to your experience with a non\-CDB\. You use the same Amazon RDS APIs in the single\-tenant configuration as you do in the non\-CDB architecture\. You can't access the CDB itself\. ### Creation and conversion options in a CDB 
@@ -39,7 +39,7 @@ Although Oracle Database 21c supports only CDBs, Oracle Database 19c supports bo | Oracle Database 19c | CDB or non\-CDB | Non\-CDB to CDB \(April 2021 RU or higher\) | 21c CDB \(from 19c CDB only\) | | Oracle Database 12c \(desupported\) | Non\-CDB only | N/A | 19c non\-CDB | -As shown in the preceding table, you can't directly upgrade a non\-CDB to a CDB in a new major version\. But you can convert an Oracle Database 19c non\-CDB to an Oracle Database 19c CDB\. Then you can upgrade the Oracle Database 19c CDB to an Oracle Database 21c CDB\. +As shown in the preceding table, you can't directly upgrade a non\-CDB to a CDB in a new major version\. But you can convert an Oracle Database 19c non\-CDB to an Oracle Database 19c CDB, and then upgrade the Oracle Database 19c CDB to an Oracle Database 21c CDB\. For more information, see [Converting an RDS for Oracle non\-CDB to a CDB](#oracle-cdb-converting)\. ### User accounts and privileges in a CDB 
@@ -233,12 +233,37 @@ The non\-CDB conversion operation has the following requirements: + Make sure that you specify `oracle-ee-cdb` or `oracle-se2-cdb` for the engine type\. These are the only supported values\. + Make sure that your DB engine runs Oracle Database 19c with an April 2021 or later RU\. -The conversion operation has the following limitations: +The operation has the following limitations: + You can't convert a CDB to a non\-CDB\. You can only convert a non\-CDB to a CDB\. -+ You can't convert a primary or replica database that has Oracle Data Guard turned on\. -+ You can't upgrade the DB engine version and convert a non\-CDB to a CDB in the same CLI command\. ++ You can't convert a primary or replica database that has Oracle Data Guard enabled\. ++ You can't upgrade the DB engine version and convert a non\-CDB to a CDB in the same operation\. + The considerations for option and parameter groups are the same as for upgrading the DB engine\. For more information, see [Considerations for Oracle DB upgrades](USER_UpgradeDBInstance.Oracle.OGPG.md)\. -+ You can't use the AWS Management Console to perform the operation\. Use the CLI or API instead\. + +### Console + +**To convert a non\-CDB to a CDB** + +1. Sign in to the AWS Management Console and open the Amazon RDS console at [https://console\.aws\.amazon\.com/rds/](https://console.aws.amazon.com/rds/)\. + +1. In the upper\-right corner of the Amazon RDS console, choose the AWS Region where your DB instance resides\. + +1. In the navigation pane, choose **Databases**, and then choose the non\-CDB instance that you want to convert to a CDB instance\. + +1. Choose **Modify**\. + +1. For **Architecture settings**, select **Multitenant architecture**\. + +1. \(Optional\) For **DB parameter group**, choose a new parameter group for your CDB instance\. The same parameter group considerations apply when converting a DB instance as when upgrading a DB instance\. 
For more information, see [Parameter group considerations](USER_UpgradeDBInstance.Oracle.OGPG.md#USER_UpgradeDBInstance.Oracle.OGPG.PG)\. + +1. \(Optional\) For **Option group**, choose a new option group for your CDB instance\. The same option group considerations apply when converting a DB instance as when upgrading a DB instance\. For more information, see [Option group considerations](USER_UpgradeDBInstance.Oracle.OGPG.md#USER_UpgradeDBInstance.Oracle.OGPG.OG)\. + +1. When all the changes are as you want them, choose **Continue** and check the summary of modifications\. + +1. \(Optional\) Choose **Apply immediately** to apply the changes immediately\. Choosing this option can cause downtime in some cases\. For more information, see [Using the Apply Immediately setting](Overview.DBInstance.Modifying.md#USER_ModifyInstance.ApplyImmediately)\. + +1. On the confirmation page, review your changes\. If they are correct, choose **Modify DB instance**\. + + Or choose **Back** to edit your changes or **Cancel** to cancel your changes\. ### AWS CLI diff --git a/doc_source/rds-proxy.events.md b/doc_source/rds-proxy.events.md index 67fe45b..c2df573 100644 --- a/doc_source/rds-proxy.events.md +++ b/doc_source/rds-proxy.events.md 
@@ -24,6 +24,7 @@ The following table shows the event category and a list of events when an RDS Pr | deletion | RDS\-EVENT\-0205 | RDS deleted DB proxy *name*\. | | | deletion | RDS\-EVENT\-0208 | RDS deleted endpoint *name* for DB proxy *name*\. | | | failure | RDS\-EVENT\-0243 | RDS failed to provision capacity for proxy *name* because there aren't enough IP addresses available in your subnets: *name*\. To fix the issue, make sure that your subnets have the minimum number of unused IP addresses as recommended in the RDS Proxy documentation\. | To determine the recommended number for your instance class, see [Planning for IP address capacity](rds-proxy-setup.md#rds-proxy-network-prereqs.plan-ip-address)\. | +| failure | RDS\-EVENT\-0275 | RDS throttled some connections to DB proxy \(RDS Proxy\)\. | | The following is an example of an RDS Proxy event in JSON format\. The event shows that RDS modified the endpoint named `my-endpoint` of the RDS Proxy named `my-rds-proxy`\. The event ID is RDS\-EVENT\-0207\. diff --git a/doc_source/rds-proxy.troubleshooting.md b/doc_source/rds-proxy.troubleshooting.md index e7ed685..73b05ea 100644 --- a/doc_source/rds-proxy.troubleshooting.md +++ b/doc_source/rds-proxy.troubleshooting.md @@ -79,6 +79,7 @@ You might encounter the following RDS events while creating or connecting to a D | Category | RDS event ID | Description | | --- | --- | --- | | failure | RDS\-EVENT\-0243 | RDS couldn't provision capacity for the proxy because there aren't enough IP addresses available in your subnets\. To fix the issue, make sure that your subnets have the minimum number of unused IP addresses\. To determine the recommended number for your instance class, see [Planning for IP address capacity](rds-proxy-setup.md#rds-proxy-network-prereqs.plan-ip-address)\. | +| failure | RDS\-EVENT\-0275 | RDS throttled some connections to DB proxy \(RDS Proxy\)\. | You might encounter the following issues while creating a new proxy or connecting to a proxy\. 
diff --git a/doc_source/security_iam_id-based-policy-examples.md b/doc_source/security_iam_id-based-policy-examples.md index e048a72..80aaac1 100644 --- a/doc_source/security_iam_id-based-policy-examples.md +++ b/doc_source/security_iam_id-based-policy-examples.md @@ -294,7 +294,7 @@ You can explicitly deny access to a resource\. Deny policies take precedence ove Following are examples of how you can use condition keys in Amazon RDS IAM permissions policies\. -### Example 1: Grant permission to create a DB instance that uses a specific DB engine and isn't MultiAZ +### Example 1: Grant permission to create a DB instance that uses a specific DB engine and isn't MultiAZ The following policy uses an RDS condition key and allows a user to create only DB instances that use the MySQL database engine and don't use MultiAZ\. The `Condition` element indicates the requirement that the database engine is MySQL\. @@ -320,7 +320,7 @@ The following policy uses an RDS condition key and allows a user to create only 19. } ``` -### Example 2: Explicitly deny permission to create DB instances for certain DB instance classes and create DB instances that use Provisioned IOPS +### Example 2: Explicitly deny permission to create DB instances for certain DB instance classes and create DB instances that use Provisioned IOPS The following policy explicitly denies permission to create DB instances that use the DB instance classes `r3.8xlarge` and `m4.10xlarge`, which are the largest and most expensive DB instance classes\. This policy also prevents users from creating DB instances that use Provisioned IOPS, which incurs an additional cost\. 
@@ -359,7 +359,7 @@ Explicitly denying permission supersedes any other permissions granted\. This en 30. } ``` -### Example 3: Limit the set of tag keys and values that can be used to tag a resource +### Example 3: Limit the set of tag keys and values that can be used to tag a resource The following policy uses an RDS condition key and allows the addition of a tag with the key `stage` to be added to a resource with the values `test`, `qa`, and `production`\. @@ -440,7 +440,7 @@ Following are examples of how you can use custom tags in Amazon RDS IAM permissi **Note** All examples use the us\-west\-2 region and contain fictitious account IDs\. -#### Example 1: Grant permission for actions on a resource with a specific tag with two different values +#### Example 1: Grant permission for actions on a resource with a specific tag with two different values The following policy allows permission to perform the `CreateDBSnapshot` API operation on DB instances with either the `stage` tag set to `development` or `test`\. @@ -514,7 +514,7 @@ The following policy allows permission to perform the `ModifyDBInstance` API ope 33. } ``` -#### Example 2: Explicitly deny permission to create a DB instance that uses specified DB parameter groups +#### Example 2: Explicitly deny permission to create a DB instance that uses specified DB parameter groups The following policy explicitly denies permission to create a DB instance that uses DB parameter groups with specific tag values\. You might apply this policy if you require that a specific customer\-created DB parameter group always be used when creating DB instances\. Policies that use `Deny` are most often used to restrict access that was granted by a broader policy\. 
@@ -539,7 +539,7 @@ Explicitly denying permission supersedes any other permissions granted\. This en 16. } ``` -#### Example 3: Grant permission for actions on a DB instance with an instance name that is prefixed with a user name +#### Example 3: Grant permission for actions on a DB instance with an instance name that is prefixed with a user name The following policy allows permission to call any API \(except to `AddTagsToResource` or `RemoveTagsFromResource`\) on a DB instance that has a DB instance name that is prefixed with the user's name and that has a tag called `stage` equal to `devo` or that has no tag called `stage`\. diff --git a/doc_source/working-with-custom-sqlserver.md b/doc_source/working-with-custom-sqlserver.md index 705939a..8fad99d 100644 --- a/doc_source/working-with-custom-sqlserver.md +++ b/doc_source/working-with-custom-sqlserver.md @@ -6,6 +6,7 @@ Following, you can find instructions for creating, managing, and maintaining you + [RDS Custom for SQL Server workflow](custom-sqlserver.workflow.md) + [Requirements and limitations for Amazon RDS Custom for SQL Server](custom-reqs-limits-MS.md) + [Setting up your environment for Amazon RDS Custom for SQL Server](custom-setup-sqlserver.md) ++ [Bring Your Own Media with RDS Custom for SQL Server](custom-sqlserver.byom.md) + [Working with custom engine versions for RDS Custom for SQL Server](custom-cev-sqlserver.md) + [Creating and connecting to a DB instance for Amazon RDS Custom for SQL Server](custom-creating-sqlserver.md) + [Managing an Amazon RDS Custom for SQL Server DB instance](custom-managing-sqlserver.md)
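Review bot: In the custom-security hunk, the **SSH key pair** paragraph says the private key is stored as a Secrets Manager secret in the customer's account, but it doesn't say who should be able to read that secret. Suggest adding a sentence that tells readers to limit read access on the secret to the principals who need SSH access to the host. It would also help to state whether the prefix `do-not-delete-rds-custom-ssh-privatekey-db-` names the EC2 key pair, the secret, or both. Under **Temporary IAM credentials**, "sometimes uses" is vague; naming the operations would make the statement auditable.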
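Review bot: In the new doc_source/custom-sqlserver.byom.md, the requirement "Open TCP port 1433 and UDP port 1434 to allow SSM connections" gives no source or direction, so a reader could open both ports to any address. Suggest stating where the rule belongs (security group, Windows firewall, or both), which source range it should be limited to, and what "SSM" refers to here. The sentence introducing the list also has a typo: "make you sure that you meet" should read "make sure that you meet". The bullet granting sysadmin to `NT AUTHORITY\SYSTEM` would benefit from one line on why RDS Custom needs it.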
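Review bot: In the custom-troubleshooting.md table, the added Web Edition row sits directly below an unchanged row that still tells readers to choose an AMI with "SQL Server Enterprise, Standard, or Web edition", so the two rows read as contradictory for BYOM users. Suggest linking the new row to the BYOM limitations in custom-sqlserver.byom.md, which state that Web edition isn't supported, or qualifying the older row. The upgrade row drops the "link needed here" placeholder but leaves "Check the requirements for a valid upgrade path" without any link, so the reader still has nowhere to go.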
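Review bot: In the oracle-multi-architecture.md hunk, the unchanged sentence right after the new note still reads "but you convert an Oracle Database 19c non-CDB to a CDB", which is missing "can"; worth fixing in the same change. The rewritten paragraph also repeats "the single-tenant configuration of the multitenant architecture" in two consecutive sentences; the second occurrence can be shortened to "This configuration".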
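Review bot: In the first oracle-multitenant.md hunk, the added sentence "You can only upgrade a CDB to a CDB" is ambiguous, because "only" can be read as limiting what you may do with a CDB. Suggest "You can upgrade a CDB only to another CDB", which matches the table entry "21c CDB (from 19c CDB only)" further down the page.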
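Review bot: In the oracle-multitenant.md conversion hunk, the new **Console** procedure never tells the reader that the change is one-way, although the limitations list just above it states that you can't convert a CDB to a non-CDB. Suggest repeating that before the **Modify DB instance** step. Steps 8 and 10 both ask the reader to review the summary of changes, so one of them can be merged into the other. Renaming the list intro from "The conversion operation has the following limitations" to "The operation has the following limitations" loses the word that tied it to the requirements list above.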
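Review bot: In both RDS Proxy tables (rds-proxy.events.md and rds-proxy.troubleshooting.md), the new RDS-EVENT-0275 row says only "RDS throttled some connections to DB proxy (RDS Proxy)" and gives no cause or action, while the RDS-EVENT-0243 row beside it explains both. Suggest adding what triggers the throttling and what the operator should check or change. In rds-proxy.events.md the neighbouring rows identify the proxy with the *name* placeholder, so "(RDS Proxy)" looks like an unfilled placeholder and should follow the same pattern.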