From d1e30af9ced2d36a0fd50e6b69ffc32739e7229d Mon Sep 17 00:00:00 2001
From: Dan Heath <76443935+Dan-Heath@users.noreply.github.com>
Date: Thu, 23 Mar 2023 13:56:13 -0400
Subject: [PATCH] docs: Add links to new tutorials (#3106)

* docs: Add links to new tutorials

* docs: Make heading plural

* docs: Small rewrite to force a commit
---
 .../docs/concepts/domain-model/credential-libraries.mdx   | 8 ++++++--
 website/content/docs/configuration/worker/pki-worker.mdx  | 8 +++++---
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/website/content/docs/concepts/domain-model/credential-libraries.mdx b/website/content/docs/concepts/domain-model/credential-libraries.mdx
index 6f09ce5733..baab3e5596 100644
--- a/website/content/docs/concepts/domain-model/credential-libraries.mdx
+++ b/website/content/docs/concepts/domain-model/credential-libraries.mdx
@@ -5,7 +5,7 @@ description: |-
   The anatomy of a Boundary credential library
 ---
 
-# Credential Libraries
+# Credential libraries
 
 A credential library is a resource that provides [credentials][] of the same type and same access level from a single [credential store][].
 
@@ -30,7 +30,7 @@ The default value is `GET`.
 - `http_request_body` - (optional) The body of the HTTP request the library sends to Vault when requesting credentials.
 Only valid if `http_method` is set to `POST`.
 
-### Vault SSH certificate credential library attributes<sup>HCP Only</sup>
+### Vault SSH certificate credential library attributes <sup>HCP only</sup>
 
 As of Boundary 0.12.0, you can configure SSH credential injection using [Vault's SSH secrets engine](/vault/docs/secrets/ssh) to create the SSH certificate credentials.
 SSH certificate-based authentication extends key-based authentication using digital signatures.
@@ -103,6 +103,10 @@ The following example turns `foo@example.com` into `foo`:
 
 The example above uses the account email, but it could be any other parameter.
 
+## Tutorial
+
+Refer to the [SSH certificate injection with HCP Boundary](/boundary/tutorials/access-management/hcp-certificate-injection) tutorial to learn how to configure credential injection with SSH certificates using Vault.
+
 ## Referenced by
 
 - [Credential][]
diff --git a/website/content/docs/configuration/worker/pki-worker.mdx b/website/content/docs/configuration/worker/pki-worker.mdx
index 9e6c43cd85..0c6c08b544 100644
--- a/website/content/docs/configuration/worker/pki-worker.mdx
+++ b/website/content/docs/configuration/worker/pki-worker.mdx
@@ -6,7 +6,7 @@ description: |-
 ---
 
 
-# PKI Worker Configuration
+# PKI worker configuration
 PKI Workers authenticate to Boundary using a certificate-based method, allowing
 for worker deployment without using a shared KMS.
 
@@ -42,7 +42,7 @@ worker {
 }
 ```
 
-Once the worker starts, it will read this token and use it to authorize to the
+Once the worker starts, it reads this token and uses it to authorize to the
 cluster. Note that this token is one-time-use; it is safe to keep it here even
 after the worker has successfully authorized and authenticated, as it will be
 unusable at that point.
@@ -169,6 +169,8 @@ kms "aead" {
 [target]: /boundary/docs/concepts/domain-model/targets
 [target worker filters]: /boundary/docs/concepts/filtering/worker-tags#target-worker-filtering
 
-## Tutorial
+## Tutorials
 
 Refer to the [Self-Managed Worker Registration with HCP Boundary](/boundary/tutorials/hcp-administration/hcp-manage-workers) tutorial to learn how to register and manage PKI workers.
+
+Refer to the [Manage Multi-Hop Sessions with HCP Boundary](/boundary/tutorials/hcp-administration/hcp-manage-multi-hop) tutorial to learn how to configure a multi-hop session.
\ No newline at end of file