...
We can only log into the VM using the guest initial password because we cannot post the and not a password autogenerated by cloudbase-init to the metadata service.
In the Bootstrap script, users should be able to add any script because AWS passes the script to the instance in UserData as a MIME multi-part message with content type text/x-shellscript. (See https://cloudbase-init.readthedocs.io/en/latest/userdata.html#multi-part-content)
...