Don't set terraform's user_data if it is an empty string

Bastion hosts have no user_data by default.
This is not valid in terraform, based on the error messages reported here [0]

The Terraform provider code says user_data is optional for both LaunchConfigurations and LaunchTemplates [1] [2]

This change prevents the user_data property from being added to aws_launch_configuration and aws_launch_template resources unless the string is not empty.

[0] https://travis-ci.org/github/kubernetes/kops/jobs/662472020
[1] 04d24f80f3/aws/resource_aws_launch_configuration.go (L74-L76)
[2] 04d24f80f3/aws/resource_aws_launch_template.go (L510-L512)

tests/integration/update_cluster/private-shared-subnet/kubernetes.tf

@@ -385,7 +385,6 @@ resource "aws_launch_configuration" "bastion-private-shared-subnet-example-com"
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-private-shared-subnet-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-private-shared-subnet-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.private-shared-subnet.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privatecalico/kubernetes.tf

@@ -415,7 +415,6 @@ resource "aws_launch_configuration" "bastion-privatecalico-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privatecalico-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privatecalico-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privatecalico.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privatecanal/kubernetes.tf

@@ -415,7 +415,6 @@ resource "aws_launch_configuration" "bastion-privatecanal-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privatecanal-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privatecanal-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privatecanal.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privatedns1/kubernetes.tf

@@ -415,7 +415,6 @@ resource "aws_launch_configuration" "bastion-privatedns1-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privatedns1-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privatedns1-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privatedns1.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privatedns2/kubernetes.tf

@@ -400,7 +400,6 @@ resource "aws_launch_configuration" "bastion-privatedns2-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privatedns2-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privatedns2-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privatedns2.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privateflannel/kubernetes.tf

@@ -415,7 +415,6 @@ resource "aws_launch_configuration" "bastion-privateflannel-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privateflannel-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privateflannel-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privateflannel.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privatekopeio/kubernetes.tf

@@ -420,7 +420,6 @@ resource "aws_launch_configuration" "bastion-privatekopeio-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privatekopeio-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privatekopeio-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privatekopeio.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/privateweave/kubernetes.tf

@@ -415,7 +415,6 @@ resource "aws_launch_configuration" "bastion-privateweave-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-privateweave-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-privateweave-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.privateweave.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

tests/integration/update_cluster/unmanaged/kubernetes.tf

@@ -390,7 +390,6 @@ resource "aws_launch_configuration" "bastion-unmanaged-example-com" {
   iam_instance_profile        = "${aws_iam_instance_profile.bastions-unmanaged-example-com.id}"
   security_groups             = ["${aws_security_group.bastion-unmanaged-example-com.id}"]
   associate_public_ip_address = true
-  user_data                   = "${file("${path.module}/data/aws_launch_configuration_bastion.unmanaged.example.com_user_data")}"
 
   root_block_device = {
     volume_type           = "gp2"

upup/pkg/fi/cloudup/awstasks/launchconfiguration.go

@@ -538,10 +538,16 @@ func (_ *LaunchConfiguration) RenderTerraform(t *terraform.TerraformTarget, a, e
 	}
 
 	if e.UserData != nil {
-		tf.UserData, err = t.AddFile("aws_launch_configuration", *e.Name, "user_data", e.UserData)
+		userData, err := fi.ResourceAsString(e.UserData)
 		if err != nil {
 			return err
 		}
+		if userData != "" {
+			tf.UserData, err = t.AddFile("aws_launch_configuration", *e.Name, "user_data", e.UserData)
+			if err != nil {
+				return err
+			}
+		}
 	}
 	if e.IAMInstanceProfile != nil {
 		tf.IAMInstanceProfile = e.IAMInstanceProfile.TerraformLink()

upup/pkg/fi/cloudup/awstasks/launchtemplate_target_terraform.go

@@ -206,11 +206,13 @@ func (t *LaunchTemplate) RenderTerraform(target *terraform.TerraformTarget, a, e
 			return err
 		}
 		b64d := base64.StdEncoding.EncodeToString(d)
-		b64UserDataResource := fi.WrapResource(fi.NewStringResource(b64d))
+		if b64d != "" {
+			b64UserDataResource := fi.WrapResource(fi.NewStringResource(b64d))
 
-		tf.UserData, err = target.AddFile("aws_launch_template", fi.StringValue(e.Name), "user_data", b64UserDataResource)
-		if err != nil {
-			return err
+			tf.UserData, err = target.AddFile("aws_launch_template", fi.StringValue(e.Name), "user_data", b64UserDataResource)
+			if err != nil {
+				return err
+			}
 		}
 	}
 	devices, err := e.buildRootDevice(cloud)