diff --git a/.cspell.json b/.cspell.json
index 15180d9ab..b8a95ecdd 100644
--- a/.cspell.json
+++ b/.cspell.json
@@ -4,6 +4,7 @@
 "words": [
 "amazonec",
 "amannn",
+ "amazonec",
 "anytrue",
 "aquasecurity",
 "awscli",
@@ -50,6 +51,7 @@
 "tflint",
 "tftpl",
 "tfsec",
+ "tftpl",
 "tfvars",
 "tmpfs",
 "trivy",
diff --git a/README.md b/README.md
index 570027d34..0ec2a580e 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,9 @@ - + [![Terraform registry](https://img.shields.io/github/v/release/cattle-ops/terraform-aws-gitlab-runner?label=Terraform%20Registry)](https://registry.terraform.io/modules/cattle-ops/gitlab-runner/aws/) [![Gitter](https://badges.gitter.im/terraform-aws-gitlab-runner/Lobby.svg)](https://gitter.im/terraform-aws-gitlab-runner/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge) [![Actions](https://github.com/cattle-ops/terraform-aws-gitlab-runner/workflows/CI/badge.svg)](https://github.com/cattle-ops/terraform-aws-gitlab-runner/actions) + # Terraform module for GitLab auto scaling runners on AWS spot instances
diff --git a/examples/runner-public/main.tf b/examples/runner-public/main.tf
index ffd2ae3ea..0d5d2c82e 100644
--- a/examples/runner-public/main.tf
+++ b/examples/runner-public/main.tf
@@ -2,7 +2,7 @@ data "aws_availability_zones" "available" {
 state = "available"
 }
-# VPC Flow logs are not needed here
+# Every VPC resource should have an associated Flow Log: This is an example only. No flow logs are created.
 # kics-scan ignore-line
 module "vpc" {
 source = "terraform-aws-modules/vpc/aws"
@@ -79,9 +79,8 @@ module "runner2" {
 runners_use_private_address = false
- vpc_id = module.vpc.vpc_id
- subnet_ids_gitlab_runner = module.vpc.public_subnets
- subnet_id_runners = element(module.vpc.public_subnets, 0)
+ vpc_id = module.vpc.vpc_id
+ subnet_id = element(module.vpc.public_subnets, 0)
 docker_machine_spot_price_bid = "on-demand-price"
diff --git a/main.tf b/main.tf
index a15a1ebe1..a130b656e 100644
--- a/main.tf
+++ b/main.tf
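Review bot: The added `"amazonec"` in the first hunk duplicates the `"amazonec"` printed two lines above it, and the second hunk likewise adds `"tftpl"` directly below an existing `"tftpl"`, so as printed the dictionary gains two redundant entries rather than two new words. If the collapsed rendering is hiding a spelling difference between the paired entries this is moot; otherwise the two added lines can simply be dropped, since both words were already accepted.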
@@ -2,7 +2,7 @@ data "aws_caller_identity" "current" {}
 data "aws_partition" "current" {}
 data "aws_subnet" "runners" {
- id = length(var.subnet_id) > 0 ? var.subnet_id : var.subnet_id_runners
+ id = var.subnet_id
 }
 data "aws_availability_zone" "runners" {
@@ -87,7 +87,7 @@ locals {
 tls_ca_file = length(var.runners_gitlab_certificate) > 0 ? "tls-ca-file=\"/etc/gitlab-runner/certs/gitlab.crt\"" : ""
 runners_extra_hosts = var.runners_extra_hosts
 runners_vpc_id = var.vpc_id
- runners_subnet_id = length(var.subnet_id) > 0 ? var.subnet_id : var.subnet_id_runners
+ runners_subnet_id = var.subnet_id
 runners_aws_zone = data.aws_availability_zone.runners.name_suffix
 runners_instance_type = var.docker_machine_instance_type
 runners_spot_price_bid = var.docker_machine_spot_price_bid == "on-demand-price" || var.docker_machine_spot_price_bid == null ? "" : var.docker_machine_spot_price_bid
@@ -163,7 +163,7 @@ data "aws_ami" "docker-machine" {
 # kics-scan ignore-line
 resource "aws_autoscaling_group" "gitlab_runner_instance" {
 name = var.enable_asg_recreation ? "${aws_launch_template.gitlab_runner_instance.name}-asg" : "${var.environment}-as-group"
- vpc_zone_identifier = length(var.subnet_id) > 0 ? [var.subnet_id] : var.subnet_ids_gitlab_runner
+ vpc_zone_identifier = [var.subnet_id]
 min_size = "1"
 max_size = "1"
 desired_capacity = "1"
@@ -565,7 +565,6 @@ module "terminate_agent_hook" {
 name_docker_machine_runners = local.runner_tags_merged["Name"]
 role_permissions_boundary = var.permissions_boundary == "" ? null : "arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:policy/${var.permissions_boundary}"
 kms_key_id = local.kms_key
- arn_format = var.arn_format
 tags = local.tags
 }
diff --git a/migrations/migrate-to-7-0-0.sh b/migrations/migrate-to-7-0-0.sh
new file mode 100755
index 000000000..8aaaa9b4e
--- /dev/null
+++ b/migrations/migrate-to-7-0-0.sh
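Review bot: `id = var.subnet_id` in the `aws_subnet` data source no longer has any fallback, so if `subnet_id` still carries an empty default (its declaration is not part of this diff) a caller that relied on the removed `subnet_id_runners`/`subnet_ids_gitlab_runner` variables will fail at plan time with an opaque AWS lookup error rather than a message naming the variable; the same applies to `runners_subnet_id = var.subnet_id` in the `locals` hunk and to `vpc_zone_identifier = [var.subnet_id]` in the `aws_autoscaling_group` hunk. Consider adding a `validation` block to `variable "subnet_id"` along the lines of `condition = length(var.subnet_id) > 0` with `error_message = "subnet_id is required; subnet_id_runners and subnet_ids_gitlab_runner were removed in 7.0.0."` so the migration failure mode is explicit. Each of the enclosing `data`, `locals` and `resource` blocks starts or ends outside its hunk.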
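Review bot: With `arn_format = var.arn_format` dropped from the `terminate_agent_hook` call, and the submodule's own `arn_format` variable (default `"arn:aws"`) deleted in the modules/terminate-agent-hook/variables.tf hunk, the submodule has to derive the partition itself, and nothing in this diff shows how it does so. The parent already builds `role_permissions_boundary` from `data.aws_partition.current.partition` in this hunk; please confirm the submodule constructs its IAM and ASG ARNs from an `aws_partition` data source too rather than a literal `arn:aws`, otherwise GovCloud/China users who previously set `arn_format` would get policies that reference the wrong partition. The `module "terminate_agent_hook"` block starts outside the hunk.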
@@ -0,0 +1,25 @@
+#!/bin/sh
+set -eu
+
+#
+# Precondition: The module call has been extracted to a separate file given in "$1". The code is well-formatted.
+# Run `terraform fmt` to do that
+#
+# $1: file name containing the module call to be converted
+#
+
+converted_file="$1.new"
+
+cp "$1" "$converted_file"
+
+#
+# PR #738 chore!: remove deprecated variables
+#
+sed -i '/arn_format/d' "$converted_file"
+sed -i '/subnet_id_runners/d' "$converted_file"
+sed -i '/subnet_ids_gitlab_runner/d' "$converted_file"
+sed -i '/asg_terminate_lifecycle_hook_create/d' "$converted_file"
+sed -i '/asg_terminate_lifecycle_hook_heartbeat_timeout/d' "$converted_file"
+sed -i '/asg_terminate_lifecycle_lambda_memory_size/d' "$converted_file"
+sed -i '/asg_terminate_lifecycle_lambda_runtime/d' "$converted_file"
+sed -i '/asg_terminate_lifecycle_lambda_timeout/d' "$converted_file"
diff --git a/modules/terminate-agent-hook/variables.tf b/modules/terminate-agent-hook/variables.tf
index 3f8a22897..3cfb49970 100644
--- a/modules/terminate-agent-hook/variables.tf
+++ b/modules/terminate-agent-hook/variables.tf
@@ -60,9 +60,3 @@ variable "enable_xray_tracing" {
 type = bool
 default = false
 }
-
-variable "arn_format" {
- type = string
- default = "arn:aws"
- description = "ARN format to be used. May be changed to support deployment in GovCloud/China regions."
-}
diff --git a/variables.tf b/variables.tf
index cb53182f3..f02bc51db 100644
--- a/variables.tf
+++ b/variables.tf
@@ -3,12 +3,6 @@ variable "aws_region" {
 type = string
 }
-variable "arn_format" {
- type = string
- default = null
- description = "Deprecated! Calculated automatically by the module. ARN format to be used. May be changed to support deployment in GovCloud/China regions."
-}
-
 variable "auth_type_cache_sr" {
 description = "A string that declares the AuthenticationType for [runners.cache.s3]. Can either be 'iam' or 'credentials'"
 type = string
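Review bot: `sed -i '/subnet_id_runners/d'` and `sed -i '/subnet_ids_gitlab_runner/d'` delete the deprecated arguments without carrying their value into `subnet_id`, so a module call that used only the deprecated variables comes out of this script with no subnet at all, the script exits 0, and the user only finds out at the next plan. Two further robustness gaps: the patterns are unanchored substrings, so a list value split across lines (`subnet_ids_gitlab_runner = [` followed by its elements, which `terraform fmt` leaves in place) loses only its first line and leaves a dangling `]`, and `sed -i` with no suffix is GNU syntax that the `#!/bin/sh` shebang does not guarantee (BSD/macOS sed wants `-i ''`). At minimum warn when no replacement is present, e.g. `grep -q '^ *subnet_id *=' "$1" || echo "WARNING: $1 sets no subnet_id; migrate subnet_id_runners/subnet_ids_gitlab_runner by hand" >&2`, and anchor the patterns as `/^ *subnet_id_runners *=/d` so that only the argument line itself is matched.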
@@ -855,70 +849,12 @@ variable "docker_machine_egress_rules" {
 }]
 }
-variable "subnet_id_runners" {
- description = "Deprecated! Use subnet_id instead. List of subnets used for hosting the gitlab-runners."
- type = string
- default = ""
-}
-
-variable "subnet_ids_gitlab_runner" {
- description = "Deprecated! Use subnet_id instead. Subnet used for hosting the GitLab runner."
- type = list(string)
- default = []
-}
-
 variable "asg_terminate_lifecycle_hook_name" {
 description = "Specifies a custom name for the ASG terminate lifecycle hook and related resources."
 type = string
 default = null
 }
-variable "asg_terminate_lifecycle_hook_create" {
- description = "(Deprecated and always true now) Boolean toggling the creation of the ASG instance terminate lifecycle hook."
- type = bool
- default = true
-
- validation {
- condition = var.asg_terminate_lifecycle_hook_create
- error_message = "The hook must be created. Please remove the variable declaration."
- }
-}
-
-variable "asg_terminate_lifecycle_hook_heartbeat_timeout" {
- description = "(Deprecated and no longer in use) The amount of time, in seconds, for the instances to remain in wait state."
- type = number
- default = null
-
- validation {
- condition = var.asg_terminate_lifecycle_hook_heartbeat_timeout == null
- error_message = "The timeout value is managed by the module. Please remove the variable declaration."
- }
-}
-
-# to be removed in future release
-# tflint-ignore: terraform_unused_declarations
-variable "asg_terminate_lifecycle_lambda_memory_size" {
- description = "(Deprecated and no longer in use) The memory size in MB to allocate to the terminate-instances Lambda function."
- type = number
- default = 128
-}
-
-# to be removed in future release
-# tflint-ignore: terraform_unused_declarations
-variable "asg_terminate_lifecycle_lambda_runtime" {
- description = "(Deprecated and no longer in use) Identifier of the function's runtime. This should be a python3.x runtime. 
See https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html#SSS-CreateFunction-request-Runtime for more information."
- type = string
- default = "python3.8"
-}
-
-# to be removed in future release
-# tflint-ignore: terraform_unused_declarations
-variable "asg_terminate_lifecycle_lambda_timeout" {
- description = "(Deprecated and no longer in use) Amount of time the terminate-instances Lambda Function has to run in seconds."
- default = 30
- type = number
-}
-
 variable "runner_yum_update" {
 description = "Run a yum update as part of starting the runner"
 type = bool