The Azure Cloud Solution Architect Toolbox: Essential Tools for macOS and Windows

Working effectively as an Azure Cloud Solution Architect requires a well-configured workstation. Whether you’re on macOS or Windows, you need a consistent set of tools for infrastructure provisioning, scripting, container management, and day-to-day cloud operations.

This post covers the tools I rely on daily and how to install them across macOS, Windows (PowerShell + Scoop), and Linux (WSL with Ubuntu).

Package Managers First Link to heading

Before installing anything, set up a proper package manager. Package managers keep your tools up to date, handle dependencies, and make your setup reproducible.

macOS: Homebrew Link to heading

Homebrew is the standard package manager for macOS.

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

Windows: Scoop Link to heading

Scoop installs tools from the command line without requiring admin privileges. It avoids PATH pollution and GUI installers.

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
Invoke-RestMethod -Uri https://get.scoop.sh | Invoke-Expression

Add the extras bucket for additional tools:

scoop bucket add extras

Windows: WSL with Ubuntu Link to heading

WSL (Windows Subsystem for Linux) gives you a full Linux environment on Windows. We specifically want Ubuntu because it mirrors what most CI/CD runners use in production. Whether you’re running GitHub Actions or Azure DevOps Pipelines, the hosted runner is almost always an Ubuntu-based Linux machine. By developing and testing your scripts, OpenTofu/Terraform configurations, and automation workflows inside WSL with Ubuntu, you get an environment that closely matches your CI/CD runners. This means your shell scripts, file permissions, path handling, and line endings all behave almost exactly as they will when your pipeline runs — no more “works on my machine” surprises when you push to the automation server.

Install WSL with Ubuntu:

wsl --install -d Ubuntu

Once inside your Ubuntu WSL environment, install Homebrew for Linux to manage your tooling:

/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

Tip: I recommend running all your infrastructure-as-code workflows (Terraform, scripts, pipeline testing, etc.) inside WSL rather than native Windows. This gives you the closest parity with your CI/CD runner environment and lets you catch issues locally before they fail in your pipeline. You will also find that community support and documentation for these tools is often Linux-focused, making WSL a more seamless experience.

Core Azure Tools Link to heading

Azure CLI Link to heading

The primary command-line interface for managing Azure resources. You’ll use this constantly.

macOS / Linux:

brew install azure-cli

Windows (Scoop):

scoop install azure-cli

After installation:

az login

# List your subscriptions to find the one you need
az account list --output table

# Or get a clean list of just the names
az account list | jq -r '.[].name'

# Set the subscription you want to work with
az account set --subscription "Your Subscription Name"

# Keep Azure CLI current
az upgrade

Azure PowerShell Module Link to heading

Essential for automation scenarios where PowerShell is preferred, and for working with certain Azure services that have richer PowerShell cmdlet support.

macOS / Linux:

brew install powershell
pwsh -Command "Install-Module -Name Az -Repository PSGallery -Force"

Windows (PowerShell):

Install-Module -Name Az -Repository PSGallery -Force

Azure Developer CLI (azd) Link to heading

A higher-level CLI focused on developer workflows — provisioning infrastructure and deploying applications from templates.

macOS / Linux:

brew install azure-dev

Windows (Scoop):

scoop install azure-dev

Bicep CLI Link to heading

Azure’s domain-specific language for deploying Azure resources declaratively. It compiles down to ARM templates but is far more readable.

az bicep install
az bicep upgrade

This works on all platforms since it’s installed as an Azure CLI extension.

Infrastructure as Code Link to heading

Terraform Link to heading

The industry-standard multi-cloud IaC tool. Even in Azure-heavy shops, Terraform is widely used alongside or instead of Bicep.

macOS / Linux:

brew install terraform

Windows (Scoop):

scoop install terraform

OpenTofu Link to heading

The open-source fork of Terraform. Worth having available if your organization is evaluating alternatives.

macOS / Linux:

brew install opentofu

Windows (Scoop):

scoop install opentofu

Terragrunt Link to heading

A thin wrapper for Terraform that provides extra tooling for keeping configurations DRY and working with multiple modules.

macOS / Linux:

brew install terragrunt

Windows (Scoop):

scoop install terragrunt

Containers and Kubernetes Link to heading

Docker Link to heading

Required for local container development and testing.

macOS:

brew install --cask docker

Windows:

Install Docker Desktop with WSL 2 backend enabled.

kubectl Link to heading

The Kubernetes command-line tool for working with AKS and other clusters.

macOS / Linux:

brew install kubectl

Windows (Scoop):

scoop install kubectl

Helm Link to heading

The package manager for Kubernetes. Used for deploying applications and managing releases on AKS.

macOS / Linux:

brew install helm

Windows (Scoop):

scoop install helm

kubelogin Link to heading

An Azure-specific credential plugin for kubectl that enables Azure AD authentication for AKS clusters.

macOS / Linux:

brew install Azure/kubelogin/kubelogin

Windows (Scoop):

scoop install kubelogin

Source Control and CI/CD Link to heading

Git Link to heading

The foundation of everything. Make sure you have a recent version rather than the OS-bundled one.

macOS / Linux:

brew install git

Windows (Scoop):

scoop install git

GitHub CLI Link to heading

Useful for working with pull requests, issues, and GitHub Actions from the terminal.

macOS / Linux:

brew install gh

Windows (Scoop):

scoop install gh

Azure DevOps CLI Extension Link to heading

If your organization uses Azure DevOps:

az extension add --name azure-devops
az devops configure --defaults organization=https://dev.azure.com/YourOrg project=YourProject

Editors and IDEs Link to heading

Visual Studio Code Link to heading

The go-to editor for cloud work. Excellent Azure, Terraform, and Bicep extensions.

macOS / Linux:

brew install --cask visual-studio-code

Windows (Scoop):

scoop install vscode

Key extensions for Azure architects:

Azure Account — sign in and manage subscriptions
Azure Resources — browse and manage resources
Bicep — language support for Bicep files
HashiCorp Terraform — language support for Terraform
YAML — essential for pipelines and Kubernetes manifests
REST Client — test Azure REST APIs directly from VS Code
Remote - WSL (Windows) — develop inside WSL from VS Code

Networking and Debugging Link to heading

curl / wget Link to heading

For testing endpoints, downloading scripts, and interacting with Azure REST APIs.

macOS / Linux:

brew install curl wget

Windows (Scoop):

scoop install curl wget

jq Link to heading

A command-line JSON processor. Indispensable when working with Azure CLI output.

macOS / Linux:

brew install jq

Windows (Scoop):

scoop install jq

Azure Storage Explorer Link to heading

A GUI tool for browsing and managing Azure Storage accounts, blobs, queues, and tables.

macOS:

brew install --cask microsoft-azure-storage-explorer

Windows (Scoop):

scoop install storageexplorer

Security and Compliance Link to heading

tfsec / trivy Link to heading

Static analysis for Terraform files to catch security misconfigurations before deployment.

macOS / Linux:

brew install trivy

Windows (Scoop):

scoop install trivy

checkov Link to heading

Policy-as-code scanning for Terraform, Bicep, ARM templates, Kubernetes manifests, and more.

pip install checkov

Azure Cost CLI Link to heading

A command-line tool for quick cost analysis of Azure resources.

dotnet tool install --global azure-cost-cli

Scripting Languages and Runtimes Link to heading

Python Link to heading

Required for many Azure SDKs, automation scripts, and tools like checkov.

macOS / Linux:

brew install python

Windows (Scoop):

scoop install python

.NET SDK Link to heading

Needed for Azure Functions (C#), Azure Cost CLI, and various Microsoft tools.

macOS / Linux:

brew install dotnet

Windows (Scoop):

scoop install dotnet-sdk

Node.js Link to heading

Used by some Azure tools, Azure Functions (JavaScript/TypeScript), and the Azure Static Web Apps CLI.

macOS / Linux:

brew install node

Windows (Scoop):

scoop install nodejs

Putting It All Together Link to heading

Here’s a quick bootstrap script for each platform:

macOS Link to heading

# Install Homebrew (if not already installed)
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Core Azure tools
brew install azure-cli azure-dev powershell

# IaC
brew install terraform opentofu terragrunt

# Containers and Kubernetes
brew install --cask docker
brew install kubectl helm Azure/kubelogin/kubelogin

# Source control
brew install git gh

# Editors
brew install --cask visual-studio-code

# Utilities
brew install curl wget jq
brew install --cask microsoft-azure-storage-explorer

# Security
brew install trivy

# Runtimes
brew install python dotnet node

# Post-install
az bicep install
pwsh -Command "Install-Module -Name Az -Repository PSGallery -Force"

Windows (Scoop via PowerShell) Link to heading

# Install Scoop
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
Invoke-RestMethod -Uri https://get.scoop.sh | Invoke-Expression
scoop bucket add extras

# Core Azure tools
scoop install azure-cli azure-dev

# IaC
scoop install terraform opentofu terragrunt

# Containers and Kubernetes
scoop install kubectl helm kubelogin

# Source control
scoop install git gh

# Editors
scoop install vscode

# Utilities
scoop install curl wget jq storageexplorer

# Security
scoop install trivy

# Runtimes
scoop install python dotnet-sdk nodejs

# Post-install
az bicep install
Install-Module -Name Az -Repository PSGallery -Force

Linux (WSL with Ubuntu) Link to heading

# Update system
sudo apt-get update && sudo apt-get upgrade -y

# Install Homebrew for Linux
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"

# Core Azure tools
brew install azure-cli azure-dev powershell

# IaC
brew install terraform opentofu terragrunt

# Containers and Kubernetes
brew install kubectl helm Azure/kubelogin/kubelogin

# Source control
brew install git gh

# Editors
brew install --cask visual-studio-code

# Utilities
brew install curl wget jq

# Security
brew install trivy

# Runtimes
brew install python dotnet node

# Post-install
az bicep install
pwsh -Command "Install-Module -Name Az -Repository PSGallery -Force"

Final Thoughts Link to heading

A consistent toolchain across platforms eliminates the “works on my machine” problem and makes onboarding new team members straightforward. Using package managers like Homebrew and Scoop means you can version, update, and reproduce your environment with a single script.

Keep your tools current. Run brew upgrade or scoop update * regularly. Azure CLI and Bicep evolve quickly, and staying on the latest version avoids compatibility surprises.

The tools listed here form the baseline. Depending on your specific workload — whether it’s heavy on networking, data, AI, or application development — you may add specialized tools on top. But this foundation will serve you well for the vast majority of Azure architecture work.