A useful thing when it comes to Windows file shares is enabling Access Based Enumeration. When a user doesn't have security permissions to access a folder within a share, the folder is not visible to them.
To enable this, run the powershell command Set-SmbShare -Name Shares -FolderEnumerationMode AccessBased
You can acheive the same thing on the AWS FSx Managed Windows file share by first entering a powershell session to FSx using the command enter-pssession -ComputerName fsxPowershellEndpoint -ConfigurationName FsxRemoteAdmin then the command Set-FSxSmbShare -Name ShareName -FolderEnumerationMode AccessBased.
