Thanks, Vasyl.
My team has tried the User Access Manager plugin and it seems to do the job of securing physical file access. It looks like an htaccess file gets created in the uploads folder on the server.
https://www.ads-software.com/plugins/user-access-manager/
Is this something that can be built into the Advanced Access Manager?
