[NDR-232] Removing references to DynamoDB for state locking (#440)

chrisbloe · web-flow · commit 1f8ee070f4b3 · 2025-09-19T09:57:04.000+01:00
diff --git a/bootstrap/README.md b/bootstrap/README.md
@@ -19,7 +19,6 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [aws_dynamodb_table.dynamodb_terraform_state_lock](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dynamodb_table) | resource |
 | [aws_kms_key.ndr_state_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
 | [aws_s3_bucket.ndr_lock_bucket](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
 | [aws_s3_bucket_acl.ndr_lock_bucket_acl](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl) | resource |
diff --git a/bootstrap/main.tf b/bootstrap/main.tf
@@ -67,21 +67,6 @@ resource "aws_s3_bucket_public_access_block" "public_access_block" {
   restrict_public_buckets = true
 }
 
-resource "aws_dynamodb_table" "dynamodb_terraform_state_lock" {
-  name           = "ndr-terraform-locks"
-  hash_key       = "LockID"
-  read_capacity  = 20
-  write_capacity = 20
-
-  attribute {
-    name = "LockID"
-    type = "S"
-  }
-  lifecycle {
-    prevent_destroy = true
-  }
-}
-
 data "aws_caller_identity" "current" {}
 
 variable "region" {
diff --git a/scripts/cleanup_terraform_states.py b/scripts/cleanup_terraform_states.py
@@ -8,7 +8,6 @@ class CleanupTerraformStates:
     def __init__(self):
         self.env_folder = "env:/"
         self.s3_client = boto3.client("s3")
-        self.dynamo_client = boto3.client("dynamodb")
         self.objects_paginator = self.s3_client.get_paginator('list_objects_v2')
         self.object_versions_paginator = self.s3_client.get_paginator('list_object_versions')
 
@@ -47,18 +46,6 @@ def remove_object_versions(self, tf_bucket: str, folder_prefix: str) -> None:
                 )
             print("All object versions deleted.")
 
-    def delete_record_in_dynamo(self, tf_bucket: str, file_key: str):
-        print(f"Deleting sandbox tfstate DynamoDB record")
-        table_name = "ndr-terraform-locks"
-        lock_id = f'{tf_bucket}/{file_key}-md5'
-
-        self.dynamo_client.delete_item(
-            TableName=table_name,
-            Key={'LockID': {'S': lock_id}},
-            ConditionExpression="attribute_exists(LockID)"
-        )
-        print("DynamoDB record deleted successfully")
-
 
     def main(self, sandbox: str):
         tf_bucket = self.get_terraform_bucket()
@@ -71,7 +58,6 @@ def main(self, sandbox: str):
                 if parent_folder == sandbox:
                     folder_prefix = f"{self.env_folder}{parent_folder}/"
                     self.remove_object_versions(tf_bucket=tf_bucket, folder_prefix=folder_prefix)
-                    self.delete_record_in_dynamo(tf_bucket, key)
 
 if __name__ == '__main__':
     sandbox = sys.argv[1]
