Kubernetes Secret Generator

Generate Kubernetes Secrets safely using stringData to keep your YAML readable before deploying. Supports Opaque, TLS, and Docker Registry secrets.

Secret Configuration

Metadata

Secret Data (Kubernetes auto-base64-encodes stringData on write)

secret-configuration.yaml
1

Kubernetes Secret Generator

Overview

Generate Kubernetes Secret manifests using `stringData`. This allows you to write secrets in plain text within your generator or repository, while Kubernetes automatically handles the base64 encoding when the object is applied to the API server.

Frequently Asked Questions

Why use stringData instead of data?
If you use the `data` field in Kubernetes Secrets, you must manually base64-encode every value before pasting it into the YAML. If you use `stringData`, you can type the raw string directly, and Kubernetes will automatically encode it for you upon creation.
Are Kubernetes Secrets encrypted?
By default, Kubernetes Secrets are only base64-encoded, NOT encrypted, when stored in etcd. You must configure etcd Encryption at Rest on your cluster to properly secure them, or use an external KMS.