diff --git a/main.pm b/main.pm
index 5da70c57..28576c30 100644
--- a/main.pm
+++ b/main.pm
@@ -25,6 +25,7 @@ sub load_install_tests() {
     return 1 if get_var('OPENQA_FROM_GIT');
     loadtest 'install/openqa_worker' unless get_var('OPENQA_FROM_BOOTSTRAP');
     loadtest 'install/worker_ay_validation' if get_var('VALIDATE_AUTOYAST');
+    loadtest 'install/apparmor' if get_var('USE_APPARMOR');
     loadtest 'install/test_distribution';
 }
 
diff --git a/scenario-definitions.yaml b/scenario-definitions.yaml
index 77db6620..8a4e8652 100644
--- a/scenario-definitions.yaml
+++ b/scenario-definitions.yaml
@@ -55,6 +55,7 @@ job_templates:
     settings:
       DESKTOP: minimalx
       OPENQA_WEB_PROXY: 'nginx'
+      USE_APPARMOR: "1"
   openqa_install_multimachine:
     <<: *common_4g
     settings:
diff --git a/tests/install/apparmor.pm b/tests/install/apparmor.pm
new file mode 100644
index 00000000..2e0ae965
--- /dev/null
+++ b/tests/install/apparmor.pm
@@ -0,0 +1,17 @@
+use Mojo::Base 'openQAcoretest', -signatures;
+use testapi;
+use utils qw(install_packages);
+
+sub run {
+    # Make sure AppArmor is installed and enabled
+    install_packages('-t pattern apparmor');
+    assert_script_run('systemctl enable --now apparmor');
+    assert_script_run('aa-enabled');
+    # Reload AppArmor to enforce newly installed profiles
+    assert_script_run('systemctl reload apparmor');
+    # Restart running services to apply loaded profiles
+    assert_script_run('systemctl try-restart openqa-*');
+    assert_script_run('aa-status --filter.profiles="usr.share.openqa.*"');
+}
+
+1;