Leaked AWS credentials, Amazon Web Services credentials may be exposed - Google play console [closed]
Solution 1:
Embedding AWS credentials on any client-side apps is a scary idea. In order to solve this challenge, you would have to use either CloudFront or S3 Signed URLs.
This approach requires the generation of short-lived upload/download URLs in one of your APIs so that it could send back to the client-application a URL where we can directly upload/download assets to/from an S3 bucket.
It allows us to avoid the hardcoding of AWS credentials on client-applications and have dynamic short-lived URLs dedicated for one-time upload/download operations on-demand.
It shouldn't be that hard and you could follow this tutorial to learn more about S3 signed urls.