# Securing Access to Cloud APIs

Secure your cloud APIs with Teleport. Control access to management consoles and CLI tools using the Teleport RBAC system. Track every change with granular audit logs and enable Just-in-Time access so teams get permissions only when they need them.

<br />

### Amazon Web Services (AWS)

Centralize AWS access for the console, APIs, CLI, and SDKs. Authenticated users can be mapped directly to AWS roles.

### [AWS Console and CLI access with IAM Roles Anywhere](https://goteleport.com/docs/enroll-resources/application-access/cloud-apis/aws-console-roles-anywhere.md)

**Recommended when:**

- Full compatibility with AWS CLI, SDKs, or Terraform is required.
- You want to manage access without additional infrastructure.

### [AWS Console and CLI access via Teleport Application Service](https://goteleport.com/docs/enroll-resources/application-access/cloud-apis/aws-console.md)

**Recommended when:**

- Full API audit for all requests is required.

### [AWS Console and CLI with OIDC integration](https://goteleport.com/docs/enroll-resources/application-access/cloud-apis/awsoidc-integration-console.md)

**Recommended when:**

- Full API audit for all requests is required.
- Your Teleport cluster is publicly accessible.

### Microsoft Azure

### [Azure CLI access via Teleport Application Service](https://goteleport.com/docs/enroll-resources/application-access/cloud-apis/azure.md)

**Recommended when:**

- Full API audit for all requests is required.
- Teleport Application Service is deployed on Azure Virtual Machines.

### [Azure CLI access via Teleport Application Service on AKS](https://goteleport.com/docs/enroll-resources/application-access/cloud-apis/azure-aks-workload-id.md)

**Recommended when:**

- Full API audit for all requests is required.
- Teleport Application Service is deployed on Azure Kubernetes Service (AKS).

### [Azure Portal and CLI access with Teleport as IdP](https://goteleport.com/docs/identity-governance/idps/usage/saml-microsoft-entra-external-id.md)

**Recommended when:**

- Azure Portal is required.
- Full compatibility with Azure client tools is required.

### Google Cloud

### [Google Cloud API access via Teleport Application Service](https://goteleport.com/docs/enroll-resources/application-access/cloud-apis/google-cloud.md)

**Recommended when:**

- Full API audit for all requests is required.

### [Google Cloud Web Console and API access with Teleport as IdP](https://goteleport.com/docs/identity-governance/idps/usage/saml-gcp-workforce-identity-federation.md)

**Recommended when:**

- Google Cloud Web Console is required.
- Full compatibility with Google Cloud tools is required.