diff --git a/deploy-manage/deploy/self-managed/configure.md b/deploy-manage/deploy/self-managed/configure.md
index 501069c3af..d2780885b2 100644
--- a/deploy-manage/deploy/self-managed/configure.md
+++ b/deploy-manage/deploy/self-managed/configure.md
@@ -59,6 +59,9 @@ Environment variables can be injected into configuration using `${MY_ENV_VAR}` s
 `csp.report_only.form_action`
 :   Add sources for the [Content Security Policy `form-action` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action) in reporting mode.
 
+`csp.report_only.object_src`
+:   Add sources for the [Content Security Policy `object-src` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src) in reporting mode.
+
 `csp.report_uri`
 :   Add sources for the [Content Security Policy `report-uri` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-uri).
 
diff --git a/raw-migrated-files/cloud/cloud-heroku/ech-manage-kibana-settings.md b/raw-migrated-files/cloud/cloud-heroku/ech-manage-kibana-settings.md
index 265c07d363..8e7958d35f 100644
--- a/raw-migrated-files/cloud/cloud-heroku/ech-manage-kibana-settings.md
+++ b/raw-migrated-files/cloud/cloud-heroku/ech-manage-kibana-settings.md
@@ -634,6 +634,9 @@ This setting is not available in versions 8.0.0 through 8.2.0. As such, this set
 `csp.report_only.form_action`
 :   Add sources for the [Content Security Policy `form-action` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action) in reporting mode.
 
+`csp.report_only.object_src`
+:   Add sources for the [Content Security Policy `object-src` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src) in reporting mode.
+
 $$$csp-strict$$$ `csp.strict`
 :   Blocks Kibana access to any browser that does not enforce even rudimentary CSP rules. In practice, this disables support for older, less safe browsers like Internet Explorer. **Default: `true`** To learn more, check [Configure Kibana](https://www.elastic.co/guide/en/kibana/current/settings.html)].
 
diff --git a/raw-migrated-files/cloud/cloud/ec-manage-kibana-settings.md b/raw-migrated-files/cloud/cloud/ec-manage-kibana-settings.md
index dd71202fa1..3d52af8af7 100644
--- a/raw-migrated-files/cloud/cloud/ec-manage-kibana-settings.md
+++ b/raw-migrated-files/cloud/cloud/ec-manage-kibana-settings.md
@@ -634,6 +634,9 @@ This setting is not available in versions 8.0.0 through 8.2.0. As such, this set
 `csp.report_only.form_action`
 :   Add sources for the [Content Security Policy `form-action` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/form-action) in reporting mode.
 
+`csp.report_only.object_src`
+:   Add sources for the [Content Security Policy `object-src` directive](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/object-src) in reporting mode.
+
 $$$csp-strict$$$ `csp.strict`
 :   Blocks Kibana access to any browser that does not enforce even rudimentary CSP rules. In practice, this disables support for older, less safe browsers like Internet Explorer. **Default: `true`** To learn more, check [Configure Kibana](https://www.elastic.co/guide/en/kibana/current/settings.html)].