diff --git a/docs/releasenotes.rst b/docs/releasenotes.rst
index e361a82429fa1a9776cda9ab5ccc48b12b4cce52..96265c7d1a6f19098b7b2fde7de2eab5de471358 100644
--- a/docs/releasenotes.rst
+++ b/docs/releasenotes.rst
@@ -23,6 +23,10 @@ Breaking changes:
 ``tls_certificate_dir`` are no longer used.
 * TLS private key and certificate parameters are now mandatory.
+* ``bootstrap`` role
+
+ * Parameter ``ansible_key`` is now mandatory.
+
 * ``mail_forwarder`` role
 * Use 2048-bit Diffie-Hellman parameters for relevant TLS
diff --git a/docs/rolereference.rst b/docs/rolereference.rst
index d2aae24c30223578e77aff1a43bf06366f7c46b5..e0a2e78610898664d259da55fe8cb964482f206b 100644
--- a/docs/rolereference.rst
+++ b/docs/rolereference.rst
@@ -191,7 +191,7 @@ The role implements the following:
 Parameters
 ~~~~~~~~~~
-**ansible_key** (string, optional, ``{{ lookup('file', '~/.ssh/id_rsa.pub') }}``)
+**ansible_key** (string, mandatory)
 SSH public key that should be deployed to authorized_keys truststore for operating system user ``ansible``.
diff --git a/roles/bootstrap/defaults/main.yml b/roles/bootstrap/defaults/main.yml
index d78a4ffa940134b21124cb6bde86961ab4cac262..ed97d539c095cf1413af30cc23dea272095b97dd 100644
--- a/roles/bootstrap/defaults/main.yml
+++ b/roles/bootstrap/defaults/main.yml
@@ -1,3 +1 @@
 ---
-
-ansible_key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
diff --git a/roles/bootstrap/molecule/default/group_vars/parameters-mandatory.yml b/roles/bootstrap/molecule/default/group_vars/parameters-mandatory.yml
index ed97d539c095cf1413af30cc23dea272095b97dd..73d3fbaa4e8b8cb2663b8a1bef9135a539a843ab 100644
--- a/roles/bootstrap/molecule/default/group_vars/parameters-mandatory.yml
+++ b/roles/bootstrap/molecule/default/group_vars/parameters-mandatory.yml
@@ -1 +1,3 @@
 ---
+
+ansible_key: "{{ lookup('file', 'tests/data/ansible_key.pub') }}"
diff --git a/roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py b/roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py
index 466990b6b47ece302b2ba6fd7318c8aa15335b1b..7eaccc564f05ac2f3f9c7ee79db3158531d5a56d 100644
--- a/roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py
+++ b/roles/bootstrap/molecule/default/tests/test_parameters_mandatory.py
@@ -14,7 +14,7 @@ def test_authorized_keys(host):
 with host.sudo():
- ssh_key = open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'r').read().strip()
+ ssh_key = open('tests/data/ansible_key.pub', 'r').read().strip()
 authorized_keys = host.file('/home/ansible/.ssh/authorized_keys')
 assert authorized_keys.is_file
@@ -28,6 +28,6 @@ def test_root_authorized_keys(host):
 with host.sudo():
- ssh_key = open(os.path.expanduser('~/.ssh/id_rsa.pub'), 'r').read().strip()
+ ssh_key = open('tests/data/ansible_key.pub', 'r').read().strip()
 assert ssh_key not in host.file('/root/.ssh/authorized_keys').content_string
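Review bot: The new `open('tests/data/ansible_key.pub', 'r').read().strip()` in test_authorized_keys resolves against the process working directory and never closes the file handle; the same line is repeated in test_root_authorized_keys in the second hunk. Anchoring the path to the test module and reading through a context manager would make both tests independent of where pytest is started, e.g. `key_path = os.path.join(os.path.dirname(__file__), 'data', 'ansible_key.pub')` followed by `with open(key_path) as key_file: ssh_key = key_file.read().strip()`. That would also keep the module's `os` import in use; the import line is outside the hunks, so this is inferred, but if `os.path.expanduser` was its only user the change as written leaves an unused import for the linter to flag. The function signatures appear only in the hunk headers, and neither body is fully visible here.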