Access for all files by default is private. But I want to share (time limited) URLs with clients. eg.
http://bucket-test.s3.amazonaws.com/stockphotopro_75275855PCL_no_title.jpg?AWSAccessKeyId=XXXXXXXXXX&Expires=1300947912&Signature=YYYYYYYYYYYYYYYYYYYYYYY%3D
The AWS access key ID is not secret - it's effectively your username for authenticating with Amazon services. Think of it like an email address, or your username on this site: I still need your password (secret key, in Amazon's case) to log in.
It would be very difficult to brute force the private key (I don't want to say impossible, but as close as you can get to that). I imagine Amazon would implement some kind of rate limiting and IP blocking should you repeatedly attempt to authenticate with an incorrect secret key.
I am not sure I would necessarily make your access key publicly known, but from a risk perspective having your access key publicly known would have little to no impact. If you google "AWSAccessKeyID=" you'll find a number of well known sites who put their public keys in their URLs.
Just don't go around handing out your private key!