diff --git a/README.md b/README.md
index 4d632340665..4ad277740af 100644
--- a/README.md
+++ b/README.md
@@ -140,6 +140,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | local | >= 1.4 |
 | null | >= 2.1 |
 | random | >= 2.1 |
+| template | >= 2.1 |
 
 ## Providers
 
@@ -150,6 +151,7 @@ MIT Licensed. See [LICENSE](https://github.com/terraform-aws-modules/terraform-a
 | local | >= 1.4 |
 | null | >= 2.1 |
 | random | >= 2.1 |
+| template | >= 2.1 |
 
 ## Inputs
 
diff --git a/data.tf b/data.tf
index a574e83bc6a..59099360312 100644
--- a/data.tf
+++ b/data.tf
@@ -55,6 +55,98 @@ data "aws_iam_policy_document" "cluster_assume_role_policy" {
   }
 }
 
+data "template_file" "userdata" {
+  count = var.create_eks ? local.worker_group_count : 0
+  template = lookup(
+    var.worker_groups[count.index],
+    "userdata_template_file",
+    file(
+      lookup(var.worker_groups[count.index], "platform", local.workers_group_defaults["platform"]) == "windows"
+      ? "${path.module}/templates/userdata_windows.tpl"
+      : "${path.module}/templates/userdata.sh.tpl"
+    )
+  )
+
+  vars = merge({
+    platform            = lookup(var.worker_groups[count.index], "platform", local.workers_group_defaults["platform"])
+    cluster_name        = coalescelist(aws_eks_cluster.this[*].name, [""])[0]
+    endpoint            = coalescelist(aws_eks_cluster.this[*].endpoint, [""])[0]
+    cluster_auth_base64 = coalescelist(aws_eks_cluster.this[*].certificate_authority[0].data, [""])[0]
+    pre_userdata = lookup(
+      var.worker_groups[count.index],
+      "pre_userdata",
+      local.workers_group_defaults["pre_userdata"],
+    )
+    additional_userdata = lookup(
+      var.worker_groups[count.index],
+      "additional_userdata",
+      local.workers_group_defaults["additional_userdata"],
+    )
+    bootstrap_extra_args = lookup(
+      var.worker_groups[count.index],
+      "bootstrap_extra_args",
+      local.workers_group_defaults["bootstrap_extra_args"],
+    )
+    kubelet_extra_args = lookup(
+      var.worker_groups[count.index],
+      "kubelet_extra_args",
+      local.workers_group_defaults["kubelet_extra_args"],
+    )
+    },
+    lookup(
+      var.worker_groups[count.index],
+      "userdata_template_extra_args",
+      local.workers_group_defaults["userdata_template_extra_args"]
+    )
+  )
+}
+
+data "template_file" "launch_template_userdata" {
+  count = var.create_eks ? local.worker_group_launch_template_count : 0
+  template = lookup(
+    var.worker_groups_launch_template[count.index],
+    "userdata_template_file",
+    file(
+      lookup(var.worker_groups_launch_template[count.index], "platform", local.workers_group_defaults["platform"]) == "windows"
+      ? "${path.module}/templates/userdata_windows.tpl"
+      : "${path.module}/templates/userdata.sh.tpl"
+    )
+  )
+
+  vars = merge({
+    platform            = lookup(var.worker_groups_launch_template[count.index], "platform", local.workers_group_defaults["platform"])
+    cluster_name        = coalescelist(aws_eks_cluster.this[*].name, [""])[0]
+    endpoint            = coalescelist(aws_eks_cluster.this[*].endpoint, [""])[0]
+    cluster_auth_base64 = coalescelist(aws_eks_cluster.this[*].certificate_authority[0].data, [""])[0]
+    pre_userdata = lookup(
+      var.worker_groups_launch_template[count.index],
+      "pre_userdata",
+      local.workers_group_defaults["pre_userdata"],
+    )
+    additional_userdata = lookup(
+      var.worker_groups_launch_template[count.index],
+      "additional_userdata",
+      local.workers_group_defaults["additional_userdata"],
+    )
+    bootstrap_extra_args = lookup(
+      var.worker_groups_launch_template[count.index],
+      "bootstrap_extra_args",
+      local.workers_group_defaults["bootstrap_extra_args"],
+    )
+    kubelet_extra_args = lookup(
+      var.worker_groups_launch_template[count.index],
+      "kubelet_extra_args",
+      local.workers_group_defaults["kubelet_extra_args"],
+    )
+    },
+    lookup(
+      var.worker_groups_launch_template[count.index],
+      "userdata_template_extra_args",
+      local.workers_group_defaults["userdata_template_extra_args"]
+    )
+  )
+}
+
 data "aws_iam_role" "custom_cluster_iam_role" {
   count = var.manage_cluster_iam_resources ? 0 : 1
   name  = var.cluster_iam_role_name
diff --git a/examples/basic/main.tf b/examples/basic/main.tf
index a21e530d2ce..4ce49b95b93 100644
--- a/examples/basic/main.tf
+++ b/examples/basic/main.tf
@@ -19,6 +19,10 @@ provider "null" {
   version = "~> 2.1"
 }
 
+provider "template" {
+  version = "~> 2.1"
+}
+
 data "aws_eks_cluster" "cluster" {
   name = module.eks.cluster_id
 }
diff --git a/examples/irsa/main.tf b/examples/irsa/main.tf
index bbb9e8a5a30..849db9c28f1 100644
--- a/examples/irsa/main.tf
+++ b/examples/irsa/main.tf
@@ -15,6 +15,10 @@ provider "null" {
   version = "~> 2.1"
 }
 
+provider "template" {
+  version = "~> 2.1"
+}
+
 data "aws_eks_cluster" "cluster" {
   name = module.eks.cluster_id
 }
diff --git a/examples/launch_templates/main.tf b/examples/launch_templates/main.tf
index 8d9cff82465..d76a13c561b 100644
--- a/examples/launch_templates/main.tf
+++ b/examples/launch_templates/main.tf
@@ -19,6 +19,10 @@ provider "null" {
   version = "~> 2.1"
 }
 
+provider "template" {
+  version = "~> 2.1"
+}
+
 data "aws_eks_cluster" "cluster" {
   name = module.eks.cluster_id
 }
diff --git a/examples/managed_node_groups/main.tf b/examples/managed_node_groups/main.tf
index 1e7f802fa76..eed19c24ff1 100644
--- a/examples/managed_node_groups/main.tf
+++ b/examples/managed_node_groups/main.tf
@@ -19,6 +19,10 @@ provider "null" {
   version = "~> 2.1"
 }
 
+provider "template" {
+  version = "~> 2.1"
+}
+
 data "aws_eks_cluster" "cluster" {
   name = module.eks.cluster_id
 }
diff --git a/examples/secrets_encryption/main.tf b/examples/secrets_encryption/main.tf
index e4483539ca2..1a639e1d20a 100644
--- a/examples/secrets_encryption/main.tf
+++ b/examples/secrets_encryption/main.tf
@@ -19,6 +19,10 @@ provider "null" {
   version = "~> 2.1"
 }
 
+provider "template" {
+  version = "~> 2.1"
+}
+
 data "aws_eks_cluster" "cluster" {
   name = module.eks.cluster_id
 }
diff --git a/examples/spot_instances/main.tf b/examples/spot_instances/main.tf
index 007cd603571..5406f1d234e 100644
--- a/examples/spot_instances/main.tf
+++ b/examples/spot_instances/main.tf
@@ -19,6 +19,10 @@ provider "null" {
   version = "~> 2.1"
 }
 
+provider "template" {
+  version = "~> 2.1"
+}
+
 data "aws_eks_cluster" "cluster" {
   name = module.eks.cluster_id
 }
diff --git a/local.tf b/local.tf
index 2f07029cd6e..febf6f742d6 100644
--- a/local.tf
+++ b/local.tf
@@ -147,92 +147,4 @@ locals {
     aws_authenticator_additional_args = var.kubeconfig_aws_authenticator_additional_args
     aws_authenticator_env_variables   = var.kubeconfig_aws_authenticator_env_variables
   }) : ""
-
-  userdata = [for worker in var.worker_groups : templatefile(
-    lookup(
-      worker,
-      "userdata_template_file",
-      lookup(worker, "platform", local.workers_group_defaults["platform"]) == "windows"
-      ? "${path.module}/templates/userdata_windows.tpl"
-      : "${path.module}/templates/userdata.sh.tpl"
-    ),
-    merge(
-      {
-        platform            = lookup(worker, "platform", local.workers_group_defaults["platform"])
-        cluster_name        = aws_eks_cluster.this[0].name
-        endpoint            = aws_eks_cluster.this[0].endpoint
-        cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data
-        pre_userdata = lookup(
-          worker,
-          "pre_userdata",
-          local.workers_group_defaults["pre_userdata"],
-        )
-        additional_userdata = lookup(
-          worker,
-          "additional_userdata",
-          local.workers_group_defaults["additional_userdata"],
-        )
-        bootstrap_extra_args = lookup(
-          worker,
-          "bootstrap_extra_args",
-          local.workers_group_defaults["bootstrap_extra_args"],
-        )
-        kubelet_extra_args = lookup(
-          worker,
-          "kubelet_extra_args",
-          local.workers_group_defaults["kubelet_extra_args"],
-        )
-      },
-      lookup(
-        worker,
-        "userdata_template_extra_args",
-        local.workers_group_defaults["userdata_template_extra_args"]
-      )
-    )
-    ) if var.create_eks
-  ]
-
-  launch_template_userdata = [for worker in var.worker_groups_launch_template : templatefile(
-    lookup(
-      worker,
-      "userdata_template_file",
-      lookup(worker, "platform", local.workers_group_defaults["platform"]) == "windows"
-      ? "${path.module}/templates/userdata_windows.tpl"
-      : "${path.module}/templates/userdata.sh.tpl"
-    ),
-    merge(
-      {
-        platform            = lookup(worker, "platform", local.workers_group_defaults["platform"])
-        cluster_name        = aws_eks_cluster.this[0].name
-        endpoint            = aws_eks_cluster.this[0].endpoint
-        cluster_auth_base64 = aws_eks_cluster.this[0].certificate_authority[0].data
-        pre_userdata = lookup(
-          worker,
-          "pre_userdata",
-          local.workers_group_defaults["pre_userdata"],
-        )
-        additional_userdata = lookup(
-          worker,
-          "additional_userdata",
-          local.workers_group_defaults["additional_userdata"],
-        )
-        bootstrap_extra_args = lookup(
-          worker,
-          "bootstrap_extra_args",
-          local.workers_group_defaults["bootstrap_extra_args"],
-        )
-        kubelet_extra_args = lookup(
-          worker,
-          "kubelet_extra_args",
-          local.workers_group_defaults["kubelet_extra_args"],
-        )
-      },
-      lookup(
-        worker,
-        "userdata_template_extra_args",
-        local.workers_group_defaults["userdata_template_extra_args"]
-      )
-    )
-    ) if var.create_eks
-  ]
 }
diff --git a/outputs.tf b/outputs.tf
index 322d88c40a3..58f33718f54 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -95,8 +95,8 @@ output "workers_asg_names" {
 output "workers_user_data" {
   description = "User data of worker groups"
   value = concat(
-    local.userdata,
-    local.launch_template_userdata,
+    data.template_file.userdata.*.rendered,
+    data.template_file.launch_template_userdata.*.rendered,
   )
 }
 
diff --git a/versions.tf b/versions.tf
index 21e74d2e97f..64f92a5d236 100644
--- a/versions.tf
+++ b/versions.tf
@@ -5,6 +5,7 @@ terraform {
     aws        = ">= 2.52.0"
     local      = ">= 1.4"
     null       = ">= 2.1"
+    template   = ">= 2.1"
     random     = ">= 2.1"
     kubernetes = ">= 1.11.1"
   }
diff --git a/workers.tf b/workers.tf
index 4b9265a3a99..2e2a80f6d82 100644
--- a/workers.tf
+++ b/workers.tf
@@ -170,7 +170,7 @@ resource "aws_launch_configuration" "workers" {
     "key_name",
     local.workers_group_defaults["key_name"],
   )
-  user_data_base64 = base64encode(local.userdata[count.index])
+  user_data_base64 = base64encode(data.template_file.userdata.*.rendered[count.index])
   ebs_optimized = lookup(
     var.worker_groups[count.index],
     "ebs_optimized",
diff --git a/workers_launch_template.tf b/workers_launch_template.tf
index bdf1efdfb0d..69e4f465ca9 100644
--- a/workers_launch_template.tf
+++ b/workers_launch_template.tf
@@ -262,7 +262,7 @@ resource "aws_launch_template" "workers_launch_template" {
     local.workers_group_defaults["key_name"],
   )
   user_data = base64encode(
-    local.launch_template_userdata[count.index],
+    data.template_file.launch_template_userdata.*.rendered[count.index],
   )
 
   ebs_optimized = lookup(