AWS Storage Gateway enhances access control for SMB shares to store and access objects in Amazon S3 buckets
The AWS Storage Gateway service added support for Access Control Lists (ACLs) to Server Message Block (SMB) shares on the File Gateway, helping enforce data security standards when using the gateway for storing and accessing data in Amazon Simple Storage Service (S3). With this launch, you can apply Windows permissions and ownerships for up to 10 Access Control Entries (ACE), enabling you to provide fine grained access controls on individual files and folders in your gateway’s file share. Each ACE specifies Windows permissions and ownership for an Active Directory (AD) user or group. File Gateway offers SMB and Network File System (NFS) based access for on-premises applications to objects in Amazon S3. Through its local caching, optimized data transfer capabilities, and Amazon CloudWatch Events integrations, File Gateway enables automated hybrid cloud workflows, content distribution, backup, and data archival in Amazon S3.
You can create file shares on new File Gateways and enable SMB ACLs in every region where AWS Storage Gateway is available. To use this feature with file shares on existing gateways, a software update will be made generally available by May 29nd, 2019.
Learn about using SMB ACLs here, and try these new AWS Storage Gateway features today.