Is your feature request related to a problem? Please describe.
I observed that the Lambda Promtail Lambda function requires the password environment variable to be a string. Exposing the password as plaintext when accessed from the AWS Console poses a security risk/vulnerability.

Describe the solution you'd like
I would like the handler to be updated so that it can support a password value that is either the Amazon Resource Name (ARN) of a Secrets Manager secret or the secure string of a Systems Manager Parameter Store secret.

Describe alternatives you've considered
No alternative

Additional context
None.