The config file contains access tokens which allow your rclone instance to access your Amazon Drive for you, however in order for an application like rclone to request those access tokens from Amazon in the first place and send you to that Amazon "Application XY would like to access your account" page, a developer needs to register an application with Amazon first and then Amazon gives them a client_id and a client_secret. Look into OAuth for more info if interested.
Those credentials were hardcoded into the rclone code and visible to everyone, however as the name suggests they are supposed to be secret and only held by the devs of the registered application. This way other people can't go and just use the keys to make their own apps with it and amazon can tell for certain what application is responsible for requests.
Since they were public it allowed everyone to just use those and make their own. It appears Amazon doesn't like that.
Also note that unlike almost all other cloud storage providers, you currently can't sign up and register to make a new ACD app, signup for that is closed and only people that already had credentials previously can still make ACD apps. So it seems Amazon is cracking down on any way anyone could use the cloud Drive API in a way they don't approve of.
Only real workaround I saw suggested to fix it is a website hosted by the rclone devs that handles the process of getting the access token for you without telling you the client_secret, however that would require you to trust the devs and they could access all your data if they wanted. That is also only possible if amazon decides to give them credentials again in the first place, which seems questionable since they really don't seem to like 3rd party apps anymore
Edit: also that workaround would of course still allow anyone to do whatever they want with the API on any account they have an access token for