I want to grant specific persons access to API & Services only, but I can't find a specific permissions in the IAM Management.
Currently there is no primitive or predefined roles which give access to only the "API & Services" section of the Google Cloud Console. You can find a full list of the available roles in the Understanding roles documentation.
I was testing it out and I found the most strict role I could give to a user, to access the Cloud Console, was the “roles/browser”. With it my user was still able to see the links to the other sections and only had access to some sections like “IAM & admin” as a viewer. In order to enable access to the "API & Services", I had to add the “roles/serviceusage.serviceUsageViewer” role.
It is important to notice that this combination doesn’t allow the user to see/create API keys or even enable APIs for the project. To be able to do that you would need to add the other roles from the Service Usage roles section.
Alternatively you could create an even more strict custom role with only the permissions your users will really need, however you should be aware of the limitations for using custom roles, which are described in the Known limitations documentation.