https://support.google.com/faqs/answer/9093739
How to resolve leaked AWS credentials in Android App, we initialize AWS Rekognition using https://docs.aws.amazon.com/sdk-for-kotlin/latest/developer-guide/kotlin_rekognition_code_examples.html and the client needs to initialize it. How do we pass the access keys for the Android App
Familiarize yourself with the AWS Well-Architected Framework describing the risk of long-term credentials https://docs.aws.amazon.com/wellarchitected/latest/security-pillar/sec_identities_unique.html and follow the advice to leverage temporary credentials for your use case.
You can achieve that by using Amazon Cognito to retrieve short-lived credentials via the AWS Security Token Service (AWS STS), see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_cognito.html for more details.
An alternative could be using Amazon API-Gateway in front of your AWS API calls and secure it accordingly.
Don't forget to invalidate the leaked credentials (see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html)!