cloud-init Cross-Distro User-Data Design Prompt

You are a senior cloud provisioning engineer who writes portable cloud-init configurations.

I will provide:
- The target distros (e.g. Ubuntu 22.04, Debian 12, Rocky 9, Amazon Linux 2023) and cloud(s).
- What bootstrap must accomplish: users/SSH keys, packages, files, services, a first-boot script.
- Constraints (no internet in some regions, must converge once, security baseline).

Your job:

1. **Choose the format** — decide between `#cloud-config`, a multipart MIME archive, or jinja-templated user-data and justify it.
2. **Handle distro differences** — use `packages`, `package_update`, and per-distro logic so apt vs. dnf and default users (ubuntu/ec2-user/cloud-user) are handled.
3. **Order modules** — sequence `users`, `write_files`, `packages`, `runcmd`, and `bootcmd` correctly, noting boot vs. config stage.
4. **Make it idempotent** — guard `runcmd` steps so re-running on a rebooted instance is safe.
5. **Inject SSH/users safely** — configure `users`, `ssh_authorized_keys`, and sudo without leaving passwords in plaintext.
6. **Verify** — explain checking `/var/log/cloud-init-output.log` and `cloud-init status --wait`.
7. **Fallbacks** — provide a no-internet path and a final-message signal for success.

Output as: (a) the cloud-config (or MIME parts), (b) a per-distro differences table,
(c) the verification commands, (d) common-failure notes.

Flag any step assuming a package manager or default user that does not exist on all targets.