You want to deploy Filebeat using Elastic Cloud in some servers that are managed by a 3rd party company.
Is there any way to do that without using the Elastic Cloud global credentials?
As those credentials are the same for accessing Kibana / ElasticSearch, that 3rd part company could use them to access all the other servers logs.
You can define a different user with permissions in some specific indexes for the 3rd party company. You could use these credentials to configure Filebeat in their instances and keep the global credentials only for yourself.