🔐 Base64 Encoding and Decoding: What, Why, and How It's Used in DevOps

Sidharth ShuklaSidharth Shukla
2 min read

Base64 is a text-based encoding scheme that converts binary data (like images or files) into an ASCII string. Though not encryption, Base64 is widely used in systems that need to handle binary data in a textual format—such as APIs, shell scripts, and infrastructure pipelines.

📦 What Is Base64?

Base64 uses 64 characters: A-Z, a-z, 0-9, +, / and = for padding.

  • Input: "Hello"

  • Output: "SGVsbG8="

It's commonly used to safely transmit binary data over media designed for text.

⚙️ Encoding & Decoding Examples

🐧 Linux CLI:

# Encode
echo "Hello" | base64

# Decode
echo "SGVsbG8=" | base64 --decode

🐍 Python:

import base64
encoded = base64.b64encode("Hello".encode()).decode()
decoded = base64.b64decode(encoded).decode()

🌐 JavaScript (Browser):

btoa("Hello");   // Encode
atob("SGVsbG8="); // Decode

🔒 Security Consideration

  • ⚠️ Base64 is not encryption. Anyone can decode it easily

Yet, it's often used to:

  • Obscure credentials in config files and API calls

  • Encode tokens in JWTs (JSON Web Tokens)

  • Transfer sensitive data between services

To secure the data:

  • Combine with encryption (e.g., AES + Base64)

  • Use secure transport (e.g., HTTPS)

  • Leverage secrets managers (like Vault, AWS Secrets Manager)

🚀 Real DevOps Use Cases

CI/CD Pipelines:

  • Encode environment variables and secrets for portability

Kubernetes:

  • Secrets are stored as Base64-encoded strings in YAML:
apiVersion: v1
kind: Secret
metadata:
  name: db-creds
data:
  username: YWRtaW4=  # "admin"
  password: cGFzc3dvcmQ=  # "password"

Docker:

  • .dockerconfigjson file stores credentials in Base64

GitOps & IaC Tools:

  • Terraform, Ansible, and Helm often use Base64 for key exchange or secret bootstrapping

📝 Summary

Use CaseSafe?Notes
Obfuscating valuesBut don't rely on it for security
Data transportUseful in APIs and pipelines
Storing secretsAlways combine with proper encryption

💡 Base64 is a bridge, not a lock. Use it smartly—especially when security and automation intersect in DevOps workflows.

0
Subscribe to my newsletter

Read articles from Sidharth Shukla directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Sidharth Shukla
Sidharth Shukla

DevOps Enginner