diff --git a/json-schema/registry.json b/json-schema/registry.json
index af0c084be..c724dd417 100644
--- a/json-schema/registry.json
+++ b/json-schema/registry.json
@@ -156,6 +156,9 @@
 },
 "key": {
 "$ref": "#/$defs/DownloadedFile"
+ },
+ "bundle": {
+ "$ref": "#/$defs/DownloadedFile"
 }
 },
 "additionalProperties": false,
diff --git a/pkg/config/registry/cosign.go b/pkg/config/registry/cosign.go
index 66ff9a81e..ce9f15cb6 100644
--- a/pkg/config/registry/cosign.go
+++ b/pkg/config/registry/cosign.go
@@ -13,6 +13,7 @@ type Cosign struct {
 Signature *DownloadedFile `json:"signature,omitempty"`
 Certificate *DownloadedFile `json:"certificate,omitempty"`
 Key *DownloadedFile `json:"key,omitempty"`
+ Bundle *DownloadedFile `json:"bundle,omitempty"`
 }
 type DownloadedFile struct {
@@ -30,7 +31,7 @@ func (c *Cosign) GetEnabled() bool {
 if c.Enabled != nil {
 return *c.Enabled
 }
- return len(c.Opts) != 0 || c.Signature != nil || c.Certificate != nil || c.Key != nil
+ return len(c.Opts) != 0 || c.Signature != nil || c.Certificate != nil || c.Key != nil || c.Bundle != nil
 }
 func (c *Cosign) RenderOpts(rt *runtime.Runtime, art *template.Artifact) ([]string, error) {
diff --git a/pkg/cosign/verify.go b/pkg/cosign/verify.go
index 0338d14a2..8c61b2875 100644
--- a/pkg/cosign/verify.go
+++ b/pkg/cosign/verify.go
@@ -86,6 +86,7 @@ func (v *Verifier) Verify(ctx context.Context, logE *logrus.Entry, rt *runtime.R
 "signature": cos.Signature,
 "key": cos.Key,
 "certificate": cos.Certificate,
+ "bundle": cos.Bundle,
 }
 for name, df := range files {
 if df == nil {
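Review bot: The new `Bundle` field in the `Cosign` struct (pkg/config/registry/cosign.go, first hunk) carries no comment, so a reader cannot tell how it relates to `Signature`, `Certificate` and `Key` or whether it may be set together with them. A field comment such as `// Bundle is a downloaded cosign bundle file; setting it alone enables verification (see GetEnabled).` would record what the rest of this commit implies. The struct begins above the hunk, so the fields outside it may already follow a different comment convention.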
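Review bot: The implicit-enable expression in `GetEnabled` (pkg/config/registry/cosign.go, second hunk) now has to list the same file fields as the `files` map in pkg/cosign/verify.go, and nothing visible ties the two together. A file field added to that map but missed here would make `GetEnabled` return false for a config that sets only that field, which presumably skips verification and so fails open. A comment above the return, `// Every DownloadedFile field must appear here and in the files map in pkg/cosign/verify.go.`, would flag the coupling. A small test that sets each field alone and asserts `GetEnabled()` is true would catch a future omission.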