Thanks for editing the post and adding the solution (the leftover comma had to go).
LXD does not perform any sanity check on the cloud-init instructions, therefore if something goes wrong, you need to look into the container for hints.
Indeed and to be clear, if there was an easy way to validate those keys, we would do so.
Sadly because cloud-init accepts a very wide variety of user data, this isn’t practical, though maybe we can detect those that should be yaml and validate that the yaml parses properly at least.
We’ve also been talking with the cloud-init team regularly about having them use our /dev/lxd interface rather than using the current templating approach. With this in place, we should be able to make cloud-init more of a first class citizen in LXD and hopefully add more validation then.
Mostly client tools, we’d likely rename the config keys to something more official and add some validation and tests, but that’d probably be the extent of it.