diff --git a/enos/enos-scenario-e2e-docker-base-with-worker-version.hcl b/enos/enos-scenario-e2e-docker-base-with-worker-version.hcl
new file mode 100644
index 0000000000..5a37e5656d
--- /dev/null
+++ b/enos/enos-scenario-e2e-docker-base-with-worker-version.hcl
@@ -0,0 +1,194 @@
+# Copyright (c) HashiCorp, Inc.
+# SPDX-License-Identifier: BUSL-1.1
+
+# For this scenario to work, add the following line to /etc/hosts
+# 127.0.0.1 localhost boundary
+# 127.0.0.1 localhost worker
+
+scenario "e2e_docker_base_with_worker_version" {
+  terraform_cli = terraform_cli.default
+  terraform     = terraform.default
+  providers = [
+    provider.enos.default
+  ]
+
+  matrix {
+    builder = ["local", "crt"]
+  }
+
+  locals {
+    aws_ssh_private_key_path   = abspath(var.aws_ssh_private_key_path)
+    local_boundary_src_dir     = var.local_boundary_src_dir != null ? abspath(var.local_boundary_src_dir) : null
+    boundary_docker_image_file = abspath(var.boundary_docker_image_file)
+    license_path               = abspath(var.boundary_license_path != null ? var.boundary_license_path : joinpath(path.root, "./support/boundary.hclic"))
+    image_base_name            = var.boundary_edition == "oss" ? "hashicorp/boundary" : "hashicorp/boundary-enterprise"
+    worker_version_tag         = var.worker_version != null ? var.worker_version : "latest"
+
+    network_cluster  = "e2e_cluster"
+    network_host     = "e2e_host"
+    network_database = "e2e_db"
+
+    build_path = {
+      "local" = "/tmp",
+      "crt"   = var.crt_bundle_path == null ? null : abspath(var.crt_bundle_path)
+    }
+    tags = merge({
+      "Project Name" : var.project_name
+      "Project" : "Enos",
+      "Environment" : "ci"
+    }, var.tags)
+  }
+
+  step "build_boundary_docker_image" {
+    module = matrix.builder == "crt" ? module.build_boundary_docker_crt : module.build_boundary_docker_local
+
+    variables {
+      path           = matrix.builder == "crt" ? local.boundary_docker_image_file : ""
+      cli_build_path = local.build_path[matrix.builder]
+      edition        = var.boundary_edition
+    }
+  }
+
+  step "create_docker_network_database" {
+    module = module.docker_network
+    variables {
+      network_name = local.network_database
+    }
+  }
+
+  step "create_docker_network_cluster" {
+    module = module.docker_network
+    variables {
+      network_name = local.network_cluster
+    }
+  }
+
+  step "create_docker_network_host" {
+    module = module.docker_network
+    variables {
+      network_name = local.network_host
+    }
+  }
+
+  step "create_boundary_database" {
+    depends_on = [
+      step.create_docker_network_cluster
+    ]
+    variables {
+      image_name   = "${var.docker_mirror}/library/postgres:latest"
+      network_name = [local.network_database]
+    }
+    module = module.docker_postgres
+  }
+
+  step "read_license" {
+    skip_step = var.boundary_edition == "oss"
+    module    = module.read_license
+
+    variables {
+      license_path = local.license_path
+      license      = var.boundary_license
+    }
+  }
+
+  step "create_boundary" {
+    module = module.docker_boundary
+    depends_on = [
+      step.create_docker_network_cluster,
+      step.create_docker_network_database,
+      step.create_boundary_database,
+      step.build_boundary_docker_image
+    ]
+    variables {
+      image_name       = step.build_boundary_docker_image.image_name
+      network_name     = [local.network_cluster, local.network_database]
+      database_network = local.network_database
+      postgres_address = step.create_boundary_database.address
+      boundary_license = var.boundary_edition != "oss" ? step.read_license.license : ""
+    }
+  }
+
+  step "create_vault" {
+    module = module.docker_vault
+    depends_on = [
+      step.create_docker_network_cluster
+    ]
+    variables {
+      image_name   = "${var.docker_mirror}/hashicorp/vault:${var.vault_version}"
+      network_name = [local.network_cluster]
+    }
+  }
+
+  step "create_host" {
+    module = module.docker_openssh_server
+    depends_on = [
+      step.create_docker_network_host
+    ]
+    variables {
+      image_name            = "${var.docker_mirror}/linuxserver/openssh-server:latest"
+      network_name          = [local.network_host]
+      private_key_file_path = local.aws_ssh_private_key_path
+    }
+  }
+
+  locals {
+    egress_tag = "egress"
+    worker_tag = local.worker_version_tag != "latest" && var.boundary_edition != "oss" ? "${local.worker_version_tag}-ent" : local.worker_version_tag
+  }
+
+
+
+  step "create_worker" {
+    module = module.docker_worker
+    depends_on = [
+      step.create_docker_network_cluster,
+      step.create_docker_network_host,
+      step.build_boundary_docker_image,
+      step.create_boundary
+    ]
+    variables {
+      image_name       = "${local.image_base_name}:${local.worker_tag}"
+      boundary_license = var.boundary_edition != "oss" ? step.read_license.license : ""
+      config_file      = "worker-config.hcl"
+      container_name   = "worker"
+      initial_upstream = step.create_boundary.upstream_address
+      network_name     = [local.network_cluster, local.network_host]
+      tags             = [local.egress_tag]
+      port             = "9402"
+    }
+  }
+
+  step "run_e2e_test" {
+    module = module.test_e2e_docker
+    depends_on = [
+      step.create_boundary,
+      step.create_vault,
+      step.create_host,
+      step.create_worker,
+    ]
+    variables {
+      test_package             = "github.com/hashicorp/boundary/testing/internal/e2e/tests/base_with_worker"
+      docker_mirror            = var.docker_mirror
+      network_name             = step.create_docker_network_cluster.network_name
+      go_version               = var.go_version
+      debug_no_run             = var.e2e_debug_no_run
+      alb_boundary_api_addr    = step.create_boundary.address
+      auth_method_id           = step.create_boundary.auth_method_id
+      auth_login_name          = step.create_boundary.login_name
+      auth_password            = step.create_boundary.password
+      local_boundary_dir       = step.build_boundary_docker_image.cli_zip_path
+      local_boundary_src_dir   = local.local_boundary_src_dir
+      aws_ssh_private_key_path = local.aws_ssh_private_key_path
+      target_address           = step.create_host.address
+      target_port              = step.create_host.port
+      target_user              = "ubuntu"
+      vault_addr_public        = step.create_vault.address_public
+      vault_addr_private       = step.create_vault.address_private
+      vault_root_token         = step.create_vault.token
+      vault_port               = step.create_vault.port
+      worker_tag_egress        = local.egress_tag
+      worker_tag_collocated    = step.create_boundary.worker_tag
+      max_page_size            = step.create_boundary.max_page_size
+    }
+  }
+}
diff --git a/enos/enos-variables.hcl b/enos/enos-variables.hcl
index 8ee11a5531..02129aaaed 100644
--- a/enos/enos-variables.hcl
+++ b/enos/enos-variables.hcl
@@ -283,3 +283,9 @@ variable "github_token" {
   type        = string
   default     = ""
 }
+
+variable "worker_version" {
+  description = "Manually set worker version to test different worker/controller version combinations"
+  type        = string
+  default     = null
+}
\ No newline at end of file
diff --git a/enos/enos.vars.hcl b/enos/enos.vars.hcl
index 26bea917d2..d74c61f084 100644
--- a/enos/enos.vars.hcl
+++ b/enos/enos.vars.hcl
@@ -95,4 +95,8 @@
 // Github token to load go modules on windows client
 // only required for running automation on RDP e2e test cases
 // Token requires read access to hashicorp repositories
-// github_token = ""
\ No newline at end of file
+// github_token = ""
+
+// The boundary version for the worker in scenarios with a worker and controller version
+// mismatch. Will pull the official boundary docker image for given version.
+// worker_version = "0.21"
\ No newline at end of file