Before we launched this feature, the permissions you could assign to individual files and folders in your file share were very limited. You could've changed say the user who own's the file to get read-only or read-write permissions. And now from what you're describing you can assign permissions to different users and groups on those files and folders in your file share.
To enable this feature I suggest using the UpdatedSMBFileShare API, pass your file share ARN and SMBACLEnabled: True
In general to run APIs, you will need to get credentials. Details can be found here: https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html
Hi, You'll be pleased to know that we just launched support for ACLs on the file gateway. So now you can have different folders in your bucket (marketing, common, finance, etc) and use the exported SMB file share after enabling ACLs to set Windows ownership and permissions for individual users and groups (up to 10) on those folders.
Please refer to the announcement for more details and it also points you to the link in our user guide with instructions to enable ACLs: https://forums.aws.amazon.com/ann.jspa?annID=6801
Hi! Thanks @smithaAWS, it's great to know that.
Just for being sure, I want to ask:
a. Without this feature, is it impossible to grant permissions to individual folders on a Bucket using SMB File Gateway joined to domain? I mean, until today it was impossible?
b. Is there any detailed guide for using this feature? I don't know how to access the UpdateSMBFileShare APi.
Thanks so much.
Just applied update-smb-file-share and it's working great.
Now I can assign permissions to my domain users from folder's properties.
I have only one question:
Which is the best way to prevent users (with access to file share) to add permissions for another users? Any user that has access to the file share can modify permissions, even his own permissions.
Thanks you so much.
SMB File Gateway Joined to Domain - PermissionsAccepted Answerasked 4 years ago
The gateway cannot connect to the specified domainasked 3 years ago
File Gateway AD AuthenticationAccepted Answerasked 4 years ago
SMB File Share On Storage Gateway With Windows Permissionasked 9 months ago
How to assign same custom domain to my amplify app and the API gateway that it usesasked 6 months ago
AppStream sealing isssue with image joined to ADasked 4 months ago
Accessing AWS FSX from a windows EC2 that is not joined to the same domain.asked 5 months ago
File gateway connection to ADasked 3 hours ago
AWS Storage gateway and read only shareAccepted Answerasked 10 months ago
File Gateway (SMB) and Folder level KMS (CMK) in bucketasked a year ago