I have recently switched paperclip uploads to use :s3_permissions => :private
https://github.com/thoughtbot/paperclip/wiki/Restricting-Access-to-Objects-Stored-on-Amazon-S3
All new uploads are now secured and private.
Now I am trying to secure all previous uploads.
Is it possible to trigger a process that will re-upload as secure with amazon S3?
It would be far easier to update the permissions on all of the objects instead of re-uploading them.
Two ways I can think of to do this:
Paperclip has a set_permissions method for attachments using s3 storage, so you could loop through your existing models and call something like user.avatar.set_permissions(:private) on each record.
A tool like s3cmd would also be well suited to accomplish this. Once installed, a command like this would do it:
s3cmd setacl --acl-private --recursive --verbose s3://your_bucket/paperclip/path
UPDATE: set_permissions does not do what you would think; it's used when creating the object but does not update the object. Instead, use the paperclip s3_object method and then update the object using the aws-sdk api:
user.avatar.s3_object.acl.put(acl: 'private')