diff --git a/commands/variable/set/set.go b/commands/variable/set/set.go
index 3e9083ae1..3a05e686c 100644
--- a/commands/variable/set/set.go
+++ b/commands/variable/set/set.go
@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"io/ioutil"
+	"regexp"
 	"strings"
 
 	"github.com/MakeNowJust/heredoc"
@@ -34,6 +35,8 @@ func NewVariableCmd(f *cmdutils.Factory, runE func(opts *SetOpts) error) *cobra.
 		IO: f.IO,
 	}
 
+	validKeyMsg := "A valid key must have no more than 255 characters; only A-Z, a-z, 0-9, and _ are allowed"
+
 	cmd := &cobra.Command{
 		Use:     "set <key> <value>",
 		Short:   "Create a new project or group variable",
@@ -55,6 +58,10 @@ func NewVariableCmd(f *cmdutils.Factory, runE func(opts *SetOpts) error) *cobra.
 
 			opts.Key = args[0]
 
+			if !isValidKey(opts.Key) {
+				return cmdutils.FlagError{Err: fmt.Errorf("invalid key provided.\n%s", validKeyMsg)}
+			}
+
 			if opts.Value != "" && len(args) == 2 {
 				if opts.Value != "" {
 					return cmdutils.FlagError{Err: errors.New("specify value either by second positional argument or --value flag")}
@@ -149,3 +156,15 @@ func setRun(opts *SetOpts) error {
 	fmt.Fprintf(opts.IO.StdOut, "%s Created variable %s for %s\n", utils.GreenCheck(), opts.Key, baseRepo.FullName())
 	return nil
 }
+
+// isValidKey checks if a key is valid if it follows the following criteria:
+// must have no more than 255 characters;
+// only A-Z, a-z, 0-9, and _ are allowed
+func isValidKey(key string) bool {
+	// check if key falls within range of 1-255
+	if len(key) > 255 || len(key) < 1 {
+		return false
+	}
+	keyRE := regexp.MustCompile(`^[A-Za-z0-9_]+$`)
+	return keyRE.MatchString(key)
+}