diff --git a/bin/remove-runner.sh b/bin/remove-runner.sh
deleted file mode 100755
index d725562a4..000000000
--- a/bin/remove-runner.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/usr/bin/env sh
-set -e
-
-TOKEN=$(aws ssm get-parameters --name $3 --with-decryption --region $1 | jq -r ".Parameters | .[0] | .Value")
-curl -sS --request DELETE "${2}/api/v4/runners" --form "token=${TOKEN}"
\ No newline at end of file
diff --git a/main.tf b/main.tf
index ddb0a45d5..2782d6c0c 100644
--- a/main.tf
+++ b/main.tf
@@ -21,19 +21,26 @@ resource "aws_ssm_parameter" "runner_registration_token" {
   }
 }
 
+# to read the current token for the null_resource. aws_ssm_parameter.runner_registration_token.value is never updated!
+data "aws_ssm_parameter" "current_runner_registration_token" {
+  depends_on = [aws_ssm_parameter.runner_registration_token]
+
+  name = local.secure_parameter_store_runner_token_key
+}
+
 resource "null_resource" "remove_runner" {
   depends_on = [aws_ssm_parameter.runner_registration_token]
+
   triggers = {
-    script                                  = "${path.module}/bin/remove-runner.sh"
-    aws_region                              = var.aws_region
-    runners_gitlab_url                      = var.runners_gitlab_url
-    secure_parameter_store_runner_token_key = local.secure_parameter_store_runner_token_key
+    aws_region                = var.aws_region
+    runners_gitlab_url        = var.runners_gitlab_url
+    runner_registration_token = data.aws_ssm_parameter.current_runner_registration_token.value
   }
 
   provisioner "local-exec" {
     when       = destroy
     on_failure = continue
-    command    = "${self.triggers.script} ${self.triggers.aws_region} ${self.triggers.runners_gitlab_url} ${self.triggers.secure_parameter_store_runner_token_key}"
+    command    = "curl -sS --request DELETE \"${self.triggers.runners_gitlab_url}/api/v4/runners\" --form \"token=${self.triggers.runner_registration_token}\""
   }
 }
 
diff --git a/versions.tf b/versions.tf
index cb444c25c..3347cac27 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,10 +1,12 @@
 terraform {
   required_version = ">= 0.13.0"
+
   required_providers {
     aws = {
       version = ">= 3.35.0"
       source  = "hashicorp/aws"
     }
+
     null = {
       source = "hashicorp/null"
     }