Comment 6 for bug 1885527

"AGAIN: Why is cloud-init still manipulating the machine *after* initialization and first boot?"

Because cloud-init thinks it is a "first boot". A supported use case for cloud-init is:
 * boot instance on cloud
 * ssh in
 * install some packages, prep this instance
 * stop instance
 * snapshot disk
 * register new image from disk
 * start new instances from this image

cloud-init will recognize that these instances are new instances, and initialize them. It recognizes this by comparing the cached value of 'instance-id' versus the current value of 'instance-id'. If they have changed, then you have a new instance.

The other reason for cloud-init to "remain active" is that it offers "per-boot" things.