How do I encode YAML to Base64 for a Kubernetes Secret?

Paste your YAML and click Encode. Kubernetes stores Secret values under the data field as Base64, so a YAML config file or value must be Base64-encoded before you put it there. This tool validates the YAML and produces the UTF-8-safe Base64 string to paste under data:.

What is the difference between data and stringData in a Kubernetes Secret?

Values under data must be Base64-encoded — use this tool for those. Values under stringData are written as plain text and Kubernetes Base64-encodes them for you at apply time. If you use stringData you do not need to encode manually; data is the field that requires Base64.

Does encoding handle multi-line YAML correctly?

Yes. The whole document, including indentation and multi-line block scalars, is encoded byte-for-byte and restored exactly on decode. The encoder is UTF-8-safe, so non-ASCII values survive the round trip.

Is Base64 in a Secret the same as encryption?

No — and this is a common misconception. Kubernetes Secret data is only Base64-encoded, not encrypted; anyone with read access can decode it. Enable encryption at rest and RBAC for real protection. Base64 here is an encoding requirement, not a security control.

Is my YAML uploaded anywhere?

No. Validation and encoding run in your browser. Your config and secret values never leave your device.

YAML to Base64 - Encode YAML to Base64 Online Free

YAML to Base64 — encode for Kubernetes Secrets & config

The number-one reason to encode YAML as Base64 is Kubernetes: every value under a Secret's data: field must be Base64-encoded. This tool validates your YAML, then produces the UTF-8-safe Base64 string to paste in — entirely in your browser, so credentials never leave your machine.

`data` vs `stringData`

Field	Value form
`data`	must be Base64 — use this tool
`stringData`	plain text — Kubernetes encodes it for you

⚠️ A Secret is encoded, not encrypted

Base64 in a Secret provides no confidentiality — anyone with read access can decode it. Use encryption-at-rest and RBAC for real protection. Reverse this with Base64 to YAML.

Related tools

Base64 to YAML — decode a Secret value
JSON to Base64 · XML to Base64
YAML Validator · YAML to JSON

Free YAML to Base64 encoder — UTF-8-safe, ideal for Kubernetes Secrets

YAML to Base64 — encode for Kubernetes Secrets & config

data vs stringData

⚠️ A Secret is encoded, not encrypted

Related tools

`data` vs `stringData`