The AWS Storage Gateway service added support for Access Control Lists (ACLs) to Server Message Block (SMB) shares on the File Gateway, helping enforce data security standards when using the gateway for storing and accessing data in Amazon Simple Storage Service (S3). With this launch, you can apply Windows permissions and ownerships for up to 10 Access Control Entries (ACE), enabling you to provide fine grained access controls on individual files and folders in your gateway’s file share. Each ACE specifies Windows permissions and ownership for an Active Directory (AD) user or group. File Gateway offers SMB and Network File System (NFS) based access for on-premises applications to objects in Amazon S3. Through its local caching, optimized data transfer capabilities, and Amazon CloudWatch Events integrations, File Gateway enables automated hybrid cloud workflows, content distribution, backup, and data archival in Amazon S3.
from Recent Announcements https://aws.amazon.com/about-aws/whats-new/2019/05/AWS-Storage-Gateway-enhances-access-control-for-SMB-shares-to-access-objects-in-Amazon-s3/