diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
index 46a7915..12ce044 100644
--- a/.github/workflows/sbom.yml
+++ b/.github/workflows/sbom.yml
@@ -1,68 +1,43 @@ +# .github/workflows/sbom.yml name: SBOM Check on: workflow_dispatch: inputs: - environment: + run: description: "Run SBOM check" required: true - type: choice - options: - - yes - - no - -env: - SYFT_VERSION: "1.27.1" - TF_VERSION: "1.12.2" + type: boolean + default: true jobs: - deploy: - name: Software Bill of Materials + sbom: + if: ${{ inputs.run }} runs-on: ubuntu-latest permissions: actions: read - contents: write + contents: write # needed if you want SBOMs uploaded to Releases steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v5 - name: Setup Python 3.13 - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: "3.13" - name: Setup Terraform uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd + with: + terraform_version: "1.12.2" - - uses: terraform-linters/setup-tflint@ae78205cfffec9e8d93fd2b3115c7e9d3166d4b6 - name: Setup TFLint - - - name: Set architecture variable - id: os-arch - run: | - case "${{ runner.arch }}" in - X64) ARCH="amd64" ;; - ARM64) ARCH="arm64" ;; - esac - echo "arch=${ARCH}" >> $GITHUB_OUTPUT - - - name: Download and setup Syft - run: | - DOWNLOAD_URL="https://github.com/anchore/syft/releases/download/v${{ env.SYFT_VERSION }}/syft_${{ env.SYFT_VERSION }}_linux_${{ steps.os-arch.outputs.arch }}.tar.gz" - echo "Downloading: ${DOWNLOAD_URL}" - - curl -L -o syft.tar.gz "${DOWNLOAD_URL}" - tar -xzf syft.tar.gz - chmod +x syft - - # Add to PATH for subsequent steps - echo "$(pwd)" >> $GITHUB_PATH - - - name: Create SBOM - run: bash scripts/create-sbom.sh terraform python tflint + - name: Setup TFLint + uses: terraform-linters/setup-tflint@ae78205cfffec9e8d93fd2b3115c7e9d3166d4b6 - - name: Upload SBOM as artifact - uses: actions/upload-artifact@v4 + # Base SBOM for repo (SPDX JSON). Also uploaded as a workflow artifact. 
+ - name: Generate SBOM (repo) + uses: anchore/sbom-action@v0 with: - name: sbom - path: sbom.json \ No newline at end of file + path: . + format: spdx-json + output-file: sbom.spdx.json \ No newline at end of file
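Review bot: The job keeps `contents: write` with a comment saying it is only needed for uploading SBOMs to Releases, but the workflow's sole trigger is `workflow_dispatch`, so no release upload can occur and the job runs with a write-capable GITHUB_TOKEN it never uses; change it to `contents: read` and widen it only when a release trigger is actually added. The new `anchore/sbom-action@v0` is a floating major tag while `hashicorp/setup-terraform` and `terraform-linters/setup-tflint` in the same file are pinned to full commit SHAs; pin the new action the same way, e.g. `uses: anchore/sbom-action@<full-commit-sha>  # v0.x` (placeholder: look up the SHA of the release you intend). Separately, after dropping the `create-sbom.sh` step nothing visible in the job invokes Python, Terraform or TFLint, so the three setup steps appear to be dead weight that only widen the set of third-party actions the job pulls in; confirm sbom-action does not rely on them and remove them if it does not.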