Azure · Copilot · May 28, 2026 · May 28, 2026 · May 28, 2026
@@ -37,6 +37,8 @@
     text: az container create -g MyResourceGroup --name myapp --image myimage:latest --command-line "echo hello" --restart-policy Never
   - name: Create a container in a container group with environment variables.
     text: az container create -g MyResourceGroup --name myapp --image myimage:latest --environment-variables key1=value1 key2=value2
+  - name: In PowerShell, use azps to preserve special characters in environment variable values passed from $env variables.
+    text: azps container create -g MyResourceGroup --name myapp --image myimage:latest --environment-variables APP_DB_PASSWORD="$env:APP_DB_PASSWORD"
   - name: Create a container in a container group using container image from Azure Container Registry.
     text: az container create -g MyResourceGroup --name myapp --image myAcrRegistry.azurecr.io/myimage:latest --registry-password password
   - name: Create a container in a container group that mounts an Azure File share as volume.

@@ -80,8 +80,8 @@ def load_arguments(self, _):
         c.argument('dns_name_label', help='The dns name label for container group with public IP')
         c.argument('restart_policy', arg_type=get_enum_type(ContainerGroupRestartPolicy), help='Restart policy for all containers within the container group')
         c.argument('command_line', help='The command line to run when the container is started, e.g. \'/bin/bash -c myscript.sh\'')
-        c.argument('environment_variables', nargs='+', options_list=['--environment-variables', '-e'], type=_environment_variables_type, help='A list of environment variable for the container. Space-separated values in \'key=value\' format.')
-        c.argument('secure_environment_variables', nargs='+', type=_secure_environment_variables_type, help='A list of secure environment variable for the container. Space-separated values in \'key=value\' format.')
+        c.argument('environment_variables', nargs='+', options_list=['--environment-variables', '-e'], type=_environment_variables_type, help='A list of environment variables for the container. Space-separated values in \'key=value\' format. In PowerShell, use azps when values include special characters like " or ^.')
+        c.argument('secure_environment_variables', nargs='+', type=_secure_environment_variables_type, help='A list of secure environment variables for the container. Space-separated values in \'key=value\' format. In PowerShell, use azps when values include special characters like " or ^.')
         c.argument('secrets', secrets_type)
         c.argument('secrets_mount_path', validator=validate_volume_mount_path, help="The path within the container where the secrets volume should be mounted. Must not contain colon ':'.")
         c.argument('file', options_list=['--file', '-f'], help="The path to the input file.")
@@ -175,8 +175,8 @@ def load_arguments(self, _):
         c.argument('protocol', arg_type=get_enum_type(ContainerNetworkProtocol), help='The network protocol to use')
         c.argument('restart_policy', arg_type=get_enum_type(ContainerGroupRestartPolicy), help='Restart policy for all containers within the container group')
         c.argument('command_line', help='The command line to run when the container is started, e.g. \'/bin/bash -c myscript.sh\'')
-        c.argument('environment_variables', nargs='+', options_list=['--environment-variables', '-e'], type=_environment_variables_type, help='A list of environment variable for the container. Space-separated values in \'key=value\' format.')
-        c.argument('secure_environment_variables', nargs='+', type=_secure_environment_variables_type, help='A list of secure environment variable for the container. Space-separated values in \'key=value\' format.')
+        c.argument('environment_variables', nargs='+', options_list=['--environment-variables', '-e'], type=_environment_variables_type, help='A list of environment variables for the container. Space-separated values in \'key=value\' format. In PowerShell, use azps when values include special characters like " or ^.')
+        c.argument('secure_environment_variables', nargs='+', type=_secure_environment_variables_type, help='A list of secure environment variables for the container. Space-separated values in \'key=value\' format. In PowerShell, use azps when values include special characters like " or ^.')
         c.argument('secrets', secrets_type)
         c.argument('secrets_mount_path', validator=validate_volume_mount_path, help="The path within the container where the secrets volume should be mounted. Must not contain colon ':'.")
         c.argument('file', options_list=['--file', '-f'], help="The path to the input file.")

@@ -0,0 +1,33 @@
+#!/usr/bin/env python
+# --------------------------------------------------------------------------------------------
+# Copyright (c) Microsoft Corporation. All rights reserved.
+# Licensed under the MIT License. See License.txt in the project root for license information.
+# --------------------------------------------------------------------------------------------
+
+import json
+import unittest
+
+from azure.cli.command_modules.container._params import _environment_variables_type, _secure_environment_variables_type
+
+
+class ContainerParamsTest(unittest.TestCase):
+
+    def test_environment_variables_type_preserves_special_characters(self):
+        env = _environment_variables_type('APP_DB_PASSWORD=wada"wada^')
+        self.assertEqual(env['name'], 'APP_DB_PASSWORD')
+        self.assertEqual(env['value'], 'wada"wada^')
+
+        payload = json.dumps({'environmentVariables': [env]})
+        self.assertIn('wada\\"wada^', payload)
+
+    def test_secure_environment_variables_type_preserves_special_characters(self):
+        env = _secure_environment_variables_type('APP_DB_PASSWORD=wada"wada^')
+        self.assertEqual(env['name'], 'APP_DB_PASSWORD')
+        self.assertEqual(env['secureValue'], 'wada"wada^')
+
+        payload = json.dumps({'environmentVariables': [env]})
+        self.assertIn('wada\\"wada^', payload)
+
+
+if __name__ == '__main__':
+    unittest.main()