I wrote up a short wishlist for AWS a while ago which also included Fine-Grained Access Control for the API. I am very excited that Amazon announced the AWS Identity and Access Management which tackles this problem. It is a preview beta and not yet fully integrated into the management console, but still a good move from Amazon from a security perspective.