The Elastic Serverless Forwarder AWS Lambda function accesses two credential values: ESF-CLOUD-ID, ESF-API-KEY
The Lambda function does not cache the credentials. It retrieves them on every invocation of the Lambda function.
For security, the credentials must be stored in a secure location. It can retrieve them from AWS Secrets Manager or AWS SSM parameter store. Both cost the exact same per every 10,000 API calls ($0.05 USD).
This is costing the company hundreds of dollars per month, purely for the API calls to the single Secrets Manager secret that contains both of the credentials. (The lower figure for one department being at least 18 million API calls per month).
The Elastic Serverless Forwarder AWS Lambda function does not support retrieving secrets through the AWS Parameters and Secrets Lambda Extension (localhost:2773), which caches values for up to 5 minutes.
Ref: Use Secrets Manager secrets in Lambda functions - AWS Lambda
Nor was it correctly coded to have the variables associated with credentials defined at module scope, so that they will persist for the lifetime of the Lambda execution environment, (being across warm invocations; but recreated on a cold start).
Will Elastic Company update the Elastic Serverless Forwarder AWS Lambda function to permit a means of caching credentials in order to save its customers money, (that is paid to AWS, not Elastic)?