As you can see in the logs the credentials are not accepted.
As instructed in the docs you are required to put the
secure_password in the keystore. You cannot put it in the yml.
Since it looks like you are using elastic cloud see here for how to put that in keystore.
You may also need to follow the docs about Gmail authentication
If you get an authentication error that indicates that you need to continue the sign-in process from a web browser when Watcher attempts to send email, you need to configure Gmail to Allow Less Secure Apps to access your account.