diff --git a/roles/bootstrap/molecule/default/tests/test_parameters_optional.py b/roles/bootstrap/molecule/default/tests/test_parameters_optional.py
new file mode 100644
index 0000000000000000000000000000000000000000..331b480db26bf58b04ddbae6333fc0b9d288738d
--- /dev/null
+++ b/roles/bootstrap/molecule/default/tests/test_parameters_optional.py
@@ -0,0 +1,31 @@
+import testinfra.utils.ansible_runner
+
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+    '.molecule/ansible_inventory.yml').get_hosts('parameters-optional')
+
+
+def test_authorized_keys(host):
+    """
+    Tests if Ansible user authorized_keys has been set-up correctly.
+    """
+
+    with host.sudo():
+
+        ssh_key = open('tests/data/ansible_key.pub', 'read').read().strip()
+        authorized_keys = host.file('/home/ansible/.ssh/authorized_keys')
+
+        assert authorized_keys.is_file
+        assert ssh_key in authorized_keys.content
+
+
+def test_root_authorised_keys(host):
+    """
+    Tests if Ansible key been removed from root's authorized keys.
+    """
+
+    with host.sudo():
+
+        ssh_key = open('tests/data/ansible_key.pub', 'read').read().strip()
+
+        assert ssh_key not in host.file('/root/.ssh/authorized_keys').content