diff --git a/go.mod b/go.mod
index 3c6823de3..02694b167 100644
--- a/go.mod
+++ b/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/stretchr/objx v0.5.2
 	github.com/stretchr/testify v1.9.0
 	github.com/xdg/stringprep v1.0.3
-	go.mongodb.org/mongo-driver v1.16.0
+	go.mongodb.org/mongo-driver/v2 v2.0.0-beta2
 	go.uber.org/zap v1.27.0
 	gopkg.in/natefinch/lumberjack.v2 v2.2.1
 	k8s.io/api v0.27.12
@@ -52,7 +52,6 @@ require (
 	github.com/moby/spdystream v0.2.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/montanaflynn/stats v0.7.1 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
@@ -64,15 +63,15 @@ require (
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.1.2 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
-	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
+	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
 	go.uber.org/multierr v1.10.0 // indirect
-	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/crypto v0.27.0 // indirect
 	golang.org/x/net v0.27.0 // indirect
 	golang.org/x/oauth2 v0.7.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.22.0 // indirect
-	golang.org/x/term v0.22.0 // indirect
-	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/term v0.24.0 // indirect
+	golang.org/x/text v0.18.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.23.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect
diff --git a/go.sum b/go.sum
index 96e6f8a16..b321a7327 100644
--- a/go.sum
+++ b/go.sum
@@ -113,8 +113,6 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
-github.com/montanaflynn/stats v0.7.1 h1:etflOAAHORrCC44V+aR6Ftzort912ZU+YLiSTuV8eaE=
-github.com/montanaflynn/stats v0.7.1/go.mod h1:etXPPgVO6n31NxCd9KQUMvCM+ve0ruNzt6R8Bnaayow=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/onsi/ginkgo/v2 v2.9.5 h1:+6Hr4uxzP4XIUyAkg61dWBw8lb/gc4/X5luuxN/EC+Q=
@@ -162,13 +160,13 @@ github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6
 github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM=
 github.com/xdg/stringprep v1.0.3 h1:cmL5Enob4W83ti/ZHuZLuKD/xqJfus4fVPwE+/BDm+4=
 github.com/xdg/stringprep v1.0.3/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y=
-github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA=
-github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA=
+github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 h1:ilQV1hzziu+LLM3zUTJ0trRztfwgjqKnBWNtSRkbmwM=
+github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78/go.mod h1:aL8wCCfTfSfmXjznFBSZNN13rSJjlIOI1fUNAtF7rmI=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-go.mongodb.org/mongo-driver v1.16.0 h1:tpRsfBJMROVHKpdGyc1BBEzzjDUWjItxbVSZ8Ls4BQ4=
-go.mongodb.org/mongo-driver v1.16.0/go.mod h1:oB6AhJQvFQL4LEHyXi6aJzQJtBiTQHiAd83l0GdFaiw=
+go.mongodb.org/mongo-driver/v2 v2.0.0-beta2 h1:PRtbRKwblE8ZfI8qOhofcjn9y8CmKZI7trS5vDMeJX0=
+go.mongodb.org/mongo-driver/v2 v2.0.0-beta2/go.mod h1:UGLb3ZgEzaY0cCbJpH9UFt9B6gEXiTPzsnJS38nBeoU=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
@@ -179,8 +177,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
-golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
@@ -211,8 +209,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
-golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -222,19 +220,19 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
-golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
+golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.22.0 h1:BbsgPEJULsl2fV/AT3v15Mjva5yXKQDyKf+TbDz7QJk=
-golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4=
+golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
+golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
-golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
-golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
+golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
+golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
 golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -309,8 +307,6 @@ k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw=
 k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
 k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f h1:2kWPakN3i/k81b0gvD5C5FJ2kxm1WrQFanWchyKuqGg=
 k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg=
-k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY=
-k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 h1:jgGTlFYnhF1PM1Ax/lAlxUPE+KfCIXHaathvJg1C3ak=
 k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 sigs.k8s.io/controller-runtime v0.15.3 h1:L+t5heIaI3zeejoIyyvLQs5vTVu/67IU2FfisVzFlBc=
diff --git a/test/e2e/replica_set_authentication/replica_set_authentication_test.go b/test/e2e/replica_set_authentication/replica_set_authentication_test.go
index 38dbcd962..e9597b88b 100644
--- a/test/e2e/replica_set_authentication/replica_set_authentication_test.go
+++ b/test/e2e/replica_set_authentication/replica_set_authentication_test.go
@@ -8,7 +8,7 @@ import (
 
 	mdbv1 "github.com/mongodb/mongodb-kubernetes-operator/api/v1"
 	. "github.com/mongodb/mongodb-kubernetes-operator/test/e2e/util/mongotester"
-	"go.mongodb.org/mongo-driver/bson/primitive"
+	"go.mongodb.org/mongo-driver/v2/bson"
 
 	e2eutil "github.com/mongodb/mongodb-kubernetes-operator/test/e2e"
 	"github.com/mongodb/mongodb-kubernetes-operator/test/e2e/mongodbtests"
@@ -76,7 +76,7 @@ func testConfigAuthentication(ctx context.Context, mdb mdbv1.MongoDBCommunity, u
 		}
 		t.Logf("Config: use Sha256: %t (use label: %t), use Sha1: %t", pickedOpts.sha256, pickedOpts.useLabelForSha256, pickedOpts.sha1)
 
-		enabledMechanisms := primitive.A{"SCRAM-SHA-256"}
+		enabledMechanisms := bson.A{"SCRAM-SHA-256"}
 		var acceptedModes []mdbv1.AuthMode
 		if pickedOpts.sha256 {
 			if pickedOpts.useLabelForSha256 {
@@ -88,9 +88,9 @@ func testConfigAuthentication(ctx context.Context, mdb mdbv1.MongoDBCommunity, u
 		if pickedOpts.sha1 {
 			acceptedModes = append(acceptedModes, "SCRAM-SHA-1")
 			if pickedOpts.sha256 {
-				enabledMechanisms = primitive.A{"SCRAM-SHA-256", "SCRAM-SHA-1"}
+				enabledMechanisms = bson.A{"SCRAM-SHA-256", "SCRAM-SHA-1"}
 			} else {
-				enabledMechanisms = primitive.A{"SCRAM-SHA-1"}
+				enabledMechanisms = bson.A{"SCRAM-SHA-1"}
 			}
 		}
 
diff --git a/test/e2e/replica_set_tls_upgrade/replica_set_tls_upgrade_test.go b/test/e2e/replica_set_tls_upgrade/replica_set_tls_upgrade_test.go
index eb85477f3..60a1fc862 100644
--- a/test/e2e/replica_set_tls_upgrade/replica_set_tls_upgrade_test.go
+++ b/test/e2e/replica_set_tls_upgrade/replica_set_tls_upgrade_test.go
@@ -28,6 +28,8 @@ func TestReplicaSetTLSUpgrade(t *testing.T) {
 	ctx := context.Background()
 	resourceName := "mdb-tls"
 
+	t.Setenv("MONGODB_LOG_ALL", "debug")
+
 	testCtx, testConfig := setup.SetupWithTLS(ctx, t, resourceName)
 	defer testCtx.Teardown()
 
diff --git a/test/e2e/util/mongotester/mongotester.go b/test/e2e/util/mongotester/mongotester.go
index 58ad54181..2c3f96104 100644
--- a/test/e2e/util/mongotester/mongotester.go
+++ b/test/e2e/util/mongotester/mongotester.go
@@ -13,16 +13,15 @@ import (
 	"time"
 
 	"github.com/stretchr/objx"
-	"go.mongodb.org/mongo-driver/bson/primitive"
 
-	"go.mongodb.org/mongo-driver/mongo"
-	"go.mongodb.org/mongo-driver/mongo/options"
+	"go.mongodb.org/mongo-driver/v2/mongo"
+	"go.mongodb.org/mongo-driver/v2/mongo/options"
 
 	mdbv1 "github.com/mongodb/mongodb-kubernetes-operator/api/v1"
 	"github.com/mongodb/mongodb-kubernetes-operator/pkg/automationconfig"
 	e2eutil "github.com/mongodb/mongodb-kubernetes-operator/test/e2e"
 	"github.com/stretchr/testify/assert"
-	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/v2/bson"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	"k8s.io/apimachinery/pkg/util/wait"
@@ -31,11 +30,11 @@ import (
 type Tester struct {
 	ctx         context.Context
 	mongoClient *mongo.Client
-	clientOpts  []*options.ClientOptions
+	clientOpts  []options.Lister[options.ClientOptions]
 	resource    *mdbv1.MongoDBCommunity
 }
 
-func newTester(ctx context.Context, mdb *mdbv1.MongoDBCommunity, opts ...*options.ClientOptions) *Tester {
+func newTester(ctx context.Context, mdb *mdbv1.MongoDBCommunity, opts ...options.Lister[options.ClientOptions]) *Tester {
 	t := &Tester{
 		ctx:      ctx,
 		resource: mdb,
@@ -48,15 +47,13 @@ func newTester(ctx context.Context, mdb *mdbv1.MongoDBCommunity, opts ...*option
 // of options.ClientOptions, and return the final desired list
 // making any modifications required
 type OptionApplier interface {
-	ApplyOption(opts ...*options.ClientOptions) []*options.ClientOptions
+	ApplyOption(opts ...options.Lister[options.ClientOptions]) []options.Lister[options.ClientOptions]
 }
 
 // FromResource returns a Tester instance from a MongoDB resource. It infers SCRAM username/password
-// and the hosts from the resource.
-func FromResource(ctx context.Context, t *testing.T, mdb mdbv1.MongoDBCommunity, opts ...OptionApplier) (*Tester, error) {
-	var clientOpts []*options.ClientOptions
-
-	clientOpts = WithHosts(mdb.Hosts("")).ApplyOption(clientOpts...)
+func FromResource(ctx context.Context, t *testing.T, mdb mdbv1.MongoDBCommunity) (*Tester, error) {
+	// and the hosts from the resource.
+	clientOpts := WithHosts(mdb.Hosts("")).ApplyOption()
 
 	t.Logf("Configuring hosts: %s for MongoDB: %s", mdb.Hosts(""), mdb.NamespacedName())
 
@@ -72,18 +69,11 @@ func FromResource(ctx context.Context, t *testing.T, mdb mdbv1.MongoDBCommunity,
 		clientOpts = WithScram(user.Name, string(passwordSecret.Data[user.PasswordSecretRef.Key])).ApplyOption(clientOpts...)
 	}
 
-	// add any additional options
-	for _, opt := range opts {
-		clientOpts = opt.ApplyOption(clientOpts...)
-	}
-
 	return newTester(ctx, &mdb, clientOpts...), nil
 }
 
-func FromX509Resource(ctx context.Context, t *testing.T, mdb mdbv1.MongoDBCommunity, opts ...OptionApplier) (*Tester, error) {
-	var clientOpts []*options.ClientOptions
-
-	clientOpts = WithHosts(mdb.Hosts("")).ApplyOption(clientOpts...)
+func FromX509Resource(ctx context.Context, t *testing.T, mdb mdbv1.MongoDBCommunity) (*Tester, error) {
+	clientOpts := WithHosts(mdb.Hosts("")).ApplyOption()
 
 	t.Logf("Configuring hosts: %s for MongoDB: %s", mdb.Hosts(""), mdb.NamespacedName())
 
@@ -92,11 +82,6 @@ func FromX509Resource(ctx context.Context, t *testing.T, mdb mdbv1.MongoDBCommun
 		clientOpts = WithX509().ApplyOption(clientOpts...)
 	}
 
-	// add any additional options
-	for _, opt := range opts {
-		clientOpts = opt.ApplyOption(clientOpts...)
-	}
-
 	return newTester(ctx, &mdb, clientOpts...), nil
 }
 
@@ -113,7 +98,7 @@ func (m *Tester) ConnectivityFails(opts ...OptionApplier) func(t *testing.T) {
 }
 
 func (m *Tester) ConnectivityRejected(ctx context.Context, opts ...OptionApplier) func(t *testing.T) {
-	clientOpts := make([]*options.ClientOptions, 0)
+	clientOpts := make([]options.Lister[options.ClientOptions], 0)
 	for _, optApplier := range opts {
 		clientOpts = optApplier.ApplyOption(clientOpts...)
 	}
@@ -124,7 +109,7 @@ func (m *Tester) ConnectivityRejected(ctx context.Context, opts ...OptionApplier
 			t.Skip()
 		}
 
-		if err := m.ensureClient(ctx, clientOpts...); err == nil {
+		if err := m.ensureClient(clientOpts...); err == nil {
 			t.Fatalf("No error, but it should have failed")
 		}
 	}
@@ -135,14 +120,14 @@ func (m *Tester) HasKeyfileAuth(tries int, opts ...OptionApplier) func(t *testin
 }
 
 func (m *Tester) HasFCV(fcv string, tries int, opts ...OptionApplier) func(t *testing.T) {
-	return m.hasAdminParameter("featureCompatibilityVersion", map[string]interface{}{"version": fcv}, tries, opts...)
+	return m.hasAdminParameter("featureCompatibilityVersion", bson.D{{Key: "version", Value: fcv}}, tries, opts...)
 }
 
 func (m *Tester) ScramIsConfigured(tries int, opts ...OptionApplier) func(t *testing.T) {
-	return m.hasAdminParameter("authenticationMechanisms", primitive.A{"SCRAM-SHA-256"}, tries, opts...)
+	return m.hasAdminParameter("authenticationMechanisms", bson.A{"SCRAM-SHA-256"}, tries, opts...)
 }
 
-func (m *Tester) ScramWithAuthIsConfigured(tries int, enabledMechanisms primitive.A, opts ...OptionApplier) func(t *testing.T) {
+func (m *Tester) ScramWithAuthIsConfigured(tries int, enabledMechanisms bson.A, opts ...OptionApplier) func(t *testing.T) {
 	return m.hasAdminParameter("authenticationMechanisms", enabledMechanisms, tries, opts...)
 }
 
@@ -153,7 +138,7 @@ func (m *Tester) EnsureAuthenticationIsConfigured(tries int, opts ...OptionAppli
 	}
 }
 
-func (m *Tester) EnsureAuthenticationWithAuthIsConfigured(tries int, enabledMechanisms primitive.A, opts ...OptionApplier) func(t *testing.T) {
+func (m *Tester) EnsureAuthenticationWithAuthIsConfigured(tries int, enabledMechanisms bson.A, opts ...OptionApplier) func(t *testing.T) {
 	return func(t *testing.T) {
 		t.Run("Ensure keyFile authentication is configured", m.HasKeyfileAuth(tries, opts...))
 		t.Run(fmt.Sprintf("%q is configured", enabledMechanisms), m.ScramWithAuthIsConfigured(tries, enabledMechanisms, opts...))
@@ -183,7 +168,7 @@ func (m *Tester) VerifyRoles(expectedRoles []automationconfig.CustomRole, tries
 			t.Fatal(err)
 			return false
 		}
-		assert.ElementsMatch(t, result.Roles, expectedRoles)
+		assert.Subset(t, result.Roles, expectedRoles)
 		return true
 	}, tries, opts...)
 }
@@ -191,13 +176,13 @@ func (m *Tester) VerifyRoles(expectedRoles []automationconfig.CustomRole, tries
 type verifyAdminResultFunc func(t *testing.T) bool
 
 func (m *Tester) hasAdminCommandResult(verify verifyAdminResultFunc, tries int, opts ...OptionApplier) func(t *testing.T) {
-	clientOpts := make([]*options.ClientOptions, 0)
+	clientOpts := make([]options.Lister[options.ClientOptions], 0)
 	for _, optApplier := range opts {
 		clientOpts = optApplier.ApplyOption(clientOpts...)
 	}
 
 	return func(t *testing.T) {
-		if err := m.ensureClient(m.ctx, clientOpts...); err != nil {
+		if err := m.ensureClient(clientOpts...); err != nil {
 			t.Fatal(err)
 		}
 
@@ -233,7 +218,7 @@ func (m *Tester) hasAdminParameter(key string, expectedValue interface{}, tries
 
 func (m *Tester) connectivityCheck(shouldSucceed bool, opts ...OptionApplier) func(t *testing.T) {
 
-	clientOpts := make([]*options.ClientOptions, 0)
+	clientOpts := make([]options.Lister[options.ClientOptions], 0)
 	for _, optApplier := range opts {
 		clientOpts = optApplier.ApplyOption(clientOpts...)
 	}
@@ -249,7 +234,7 @@ func (m *Tester) connectivityCheck(shouldSucceed bool, opts ...OptionApplier) fu
 		ctx, cancel := context.WithTimeout(m.ctx, connectivityOpts.ContextTimeout)
 		defer cancel()
 
-		if err := m.ensureClient(ctx, clientOpts...); err != nil {
+		if err := m.ensureClient(clientOpts...); err != nil {
 			t.Fatal(err)
 		}
 
@@ -260,7 +245,7 @@ func (m *Tester) connectivityCheck(shouldSucceed bool, opts ...OptionApplier) fu
 			collection := m.mongoClient.Database(connectivityOpts.Database).Collection(connectivityOpts.Collection)
 			_, err = collection.InsertOne(ctx, bson.M{"name": "pi", "value": 3.14159})
 			if err != nil && shouldSucceed {
-				t.Logf("Was not able to connect, when we should have been able to!")
+				t.Logf("Was not able to connect, when we should have been able to! Error: %v", err)
 				return false, nil
 			}
 			if err == nil && !shouldSucceed {
@@ -294,7 +279,7 @@ func (m *Tester) WaitForRotatedCertificate(mdb mdbv1.MongoDBCommunity, initialCe
 			return nil
 		}
 
-		if err := m.ensureClient(m.ctx, &options.ClientOptions{TLSConfig: tls}); err != nil {
+		if err := m.ensureClient(options.Client().SetTLSConfig(tls)); err != nil {
 			t.Fatal(err)
 		}
 
@@ -318,9 +303,13 @@ func (m *Tester) EnsureMongodConfig(selector string, expected interface{}) func(
 		connectivityOpts := defaults()
 		err := wait.PollUntilContextTimeout(m.ctx, connectivityOpts.IntervalTime, connectivityOpts.TimeoutTime, false, func(ctx context.Context) (done bool, err error) {
 			opts, err := m.getCommandLineOptions()
+			fmt.Printf("Debugging: Unparsed options: %v, error: %v\n", opts, err)
 			assert.NoError(t, err)
 
 			parsed := objx.New(bsonToMap(opts)).Get("parsed").ObjxMap()
+			fmt.Printf("Debugging: parsed: %v, %v\n", parsed, reflect.TypeOf(parsed))
+			fmt.Printf("Debugging: expected: %vm %v\n", expected, reflect.TypeOf(parsed))
+			fmt.Printf("Debugging: selected: %vm %v\n", parsed.Get(selector).Data(), reflect.TypeOf(parsed.Get(selector).Data()))
 
 			return expected == parsed.Get(selector).Data(), nil
 		})
@@ -336,7 +325,7 @@ func (m *Tester) getCommandLineOptions() (bson.M, error) {
 	var result bson.M
 	err := m.mongoClient.
 		Database("admin").
-		RunCommand(m.ctx, bson.D{primitive.E{Key: "getCmdLineOpts", Value: 1}}).
+		RunCommand(m.ctx, bson.D{bson.E{Key: "getCmdLineOpts", Value: 1}}).
 		Decode(&result)
 
 	return result, err
@@ -384,10 +373,8 @@ func (m *Tester) StartBackgroundConnectivityTest(t *testing.T, interval time.Dur
 
 // ensureClient establishes a mongo client connection applying any addition
 // client options on top of what were provided at construction.
-func (t *Tester) ensureClient(ctx context.Context, opts ...*options.ClientOptions) error {
-	allOpts := t.clientOpts
-	allOpts = append(allOpts, opts...)
-	mongoClient, err := mongo.Connect(ctx, allOpts...)
+func (t *Tester) ensureClient(opts ...options.Lister[options.ClientOptions]) error {
+	mongoClient, err := mongo.Connect(append(t.clientOpts, opts...)...)
 	if err != nil {
 		return err
 	}
@@ -432,80 +419,47 @@ func (m *Tester) PrometheusEndpointIsReachable(username, password string, useTls
 // clientOptionAdder is the standard implementation that simply adds a
 // new options.ClientOption to the mongo client
 type clientOptionAdder struct {
-	option *options.ClientOptions
+	option options.Lister[options.ClientOptions]
 }
 
-func (c clientOptionAdder) ApplyOption(opts ...*options.ClientOptions) []*options.ClientOptions {
+func (c clientOptionAdder) ApplyOption(opts ...options.Lister[options.ClientOptions]) []options.Lister[options.ClientOptions] {
 	return append(opts, c.option)
 }
 
-// clientOptionRemover is used if a value from the client array of options should be removed.
-// assigning a nil value will not take precedence over an existing value, so we need a mechanism
-// to remove elements that are present
-
-// e.g. to disable TLS, you need to remove the options.ClientOption that has a non-nil tls config
-// it is not enough to add a tls config that has a nil value.
-type clientOptionRemover struct {
-	// removalPredicate is a function which returns a bool indicating
-	// if a given options.ClientOption should be removed.
-	removalPredicate func(opt *options.ClientOptions) bool
-}
-
-func (c clientOptionRemover) ApplyOption(opts ...*options.ClientOptions) []*options.ClientOptions {
-	newOpts := make([]*options.ClientOptions, 0)
-	for _, opt := range opts {
-		if !c.removalPredicate(opt) {
-			newOpts = append(newOpts, opt)
-		}
-	}
-	return newOpts
-}
-
 // WithScram provides a configuration option that will configure the MongoDB resource
 // with the given username and password
 func WithScram(username, password string) OptionApplier {
-	return clientOptionAdder{
-		option: &options.ClientOptions{
-			Auth: &options.Credential{
-				AuthMechanism: "SCRAM-SHA-256",
-				AuthSource:    "admin",
-				Username:      username,
-				Password:      password,
-			},
-		},
+	return clientOptionAdder{option: options.Client().SetAuth(options.Credential{
+		AuthMechanism: "SCRAM-SHA-256",
+		AuthSource:    "admin",
+		Username:      username,
+		Password:      password,
+	}),
 	}
 }
 
 func WithScramWithAuth(username, password string, authenticationMechanism string) OptionApplier {
 	return clientOptionAdder{
-		option: &options.ClientOptions{
-			Auth: &options.Credential{
-				AuthMechanism: authenticationMechanism,
-				AuthSource:    "admin",
-				Username:      username,
-				Password:      password,
-			},
-		},
+		option: options.Client().SetAuth(options.Credential{
+			AuthMechanism: authenticationMechanism,
+			AuthSource:    "admin",
+			Username:      username,
+			Password:      password,
+		}),
 	}
 }
 
 func WithX509() OptionApplier {
 	return clientOptionAdder{
-		option: &options.ClientOptions{
-			Auth: &options.Credential{
-				AuthMechanism: "MONGODB-X509",
-			},
-		},
+		option: options.Client().SetAuth(options.Credential{
+			AuthMechanism: "MONGODB-X509",
+		}),
 	}
 }
 
 // WithHosts configures the hosts of the deployment
 func WithHosts(hosts []string) OptionApplier {
-	return clientOptionAdder{
-		option: &options.ClientOptions{
-			Hosts: hosts,
-		},
-	}
+	return clientOptionAdder{option: options.Client().SetHosts(hosts)}
 }
 
 // WithTls configures the client to use tls
@@ -519,36 +473,22 @@ func WithTls(ctx context.Context, mdb mdbv1.MongoDBCommunity) OptionApplier {
 }
 
 func withTls(tls *tls.Config) OptionApplier {
-	return clientOptionAdder{
-		option: &options.ClientOptions{
-			TLSConfig: tls,
-		},
-	}
+	return clientOptionAdder{option: options.Client().SetTLSConfig(tls)}
 }
 
 // WithoutTls will remove the tls configuration
 func WithoutTls() OptionApplier {
-	return clientOptionRemover{
-		removalPredicate: func(opt *options.ClientOptions) bool {
-			return opt.TLSConfig != nil
-		},
-	}
+	return clientOptionAdder{option: options.Client().SetTLSConfig(nil)}
 }
 
 // WithURI will add URI connection string
 func WithURI(uri string) OptionApplier {
-	opt := &options.ClientOptions{}
-	opt.ApplyURI(uri)
-	return clientOptionAdder{option: opt}
+	return clientOptionAdder{option: options.Client().ApplyURI(uri)}
 }
 
 // WithReplicaSet will explicitly add a replicaset name
 func WithReplicaSet(rsname string) OptionApplier {
-	return clientOptionAdder{
-		option: &options.ClientOptions{
-			ReplicaSet: &rsname,
-		},
-	}
+	return clientOptionAdder{option: options.Client().SetReplicaSet(rsname)}
 }
 
 // getClientTLSConfig reads in the tls fixtures
diff --git a/test/e2e/util/mongotester/mongotester_test.go b/test/e2e/util/mongotester/mongotester_test.go
index 91ca6489b..d99969807 100644
--- a/test/e2e/util/mongotester/mongotester_test.go
+++ b/test/e2e/util/mongotester/mongotester_test.go
@@ -6,16 +6,15 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/assert"
-	"go.mongodb.org/mongo-driver/mongo/options"
+	"go.mongodb.org/mongo-driver/v2/mongo/options"
 )
 
 func TestTlsRemoval_RemovesCorrectConfig(t *testing.T) {
-	var opts []*options.ClientOptions
-
 	// configure TLS and hosts
-	opts = withTls(&tls.Config{ //nolint
+	opts := withTls(&tls.Config{ //nolint
 		ServerName: "some-name",
-	}).ApplyOption(opts...)
+	}).ApplyOption()
+
 	opts = WithHosts([]string{"host1", "host2", "host3"}).ApplyOption(opts...)
 
 	removalOpt := WithoutTls()
@@ -23,21 +22,43 @@ func TestTlsRemoval_RemovesCorrectConfig(t *testing.T) {
 	// remove the tls value
 	opts = removalOpt.ApplyOption(opts...)
 
-	assert.Len(t, opts, 1, "tls removal should remove an element")
-	assert.NotNil(t, opts[0].Hosts, "tls removal should not effect other configs")
-	assert.Len(t, opts[0].Hosts, 3, "original configs should not be changed")
-	assert.True(t, reflect.DeepEqual(opts[0].Hosts, []string{"host1", "host2", "host3"}))
+	var errs []error
+	raw := options.ClientOptions{}
+	for _, opt := range opts {
+		for _, fn := range opt.List() {
+			err := fn(&raw)
+			if err != nil {
+				errs = append(errs, err)
+			}
+		}
+	}
+
+	assert.Len(t, errs, 0)
+	assert.Len(t, opts, 3, "tls removal should remove an element")
+	assert.NotNil(t, raw.Hosts, "tls removal should not effect other configs")
+	assert.Len(t, raw.Hosts, 3, "original configs should not be changed")
+	assert.True(t, reflect.DeepEqual(raw.Hosts, []string{"host1", "host2", "host3"}))
 }
 
 func TestWithScram_AddsScramOption(t *testing.T) {
-	var opts []*options.ClientOptions
+	opts := WithScram("username", "password").ApplyOption()
 
-	opts = WithScram("username", "password").ApplyOption(opts...)
+	raw := options.ClientOptions{}
+	var errs []error
+	for _, opt := range opts {
+		for _, fn := range opt.List() {
+			err := fn(&raw)
+			if err != nil {
+				errs = append(errs, err)
+			}
+		}
+	}
 
+	assert.Len(t, errs, 0)
 	assert.Len(t, opts, 1)
-	assert.NotNil(t, opts[0])
-	assert.Equal(t, opts[0].Auth.AuthMechanism, "SCRAM-SHA-256")
-	assert.Equal(t, opts[0].Auth.Username, "username")
-	assert.Equal(t, opts[0].Auth.Password, "password")
-	assert.Equal(t, opts[0].Auth.AuthSource, "admin")
+	assert.NotNil(t, opts)
+	assert.Equal(t, raw.Auth.AuthMechanism, "SCRAM-SHA-256")
+	assert.Equal(t, raw.Auth.Username, "username")
+	assert.Equal(t, raw.Auth.Password, "password")
+	assert.Equal(t, raw.Auth.AuthSource, "admin")
 }