diff --git a/values/argo/values/argocd.yaml.gotmpl b/values/argo/values/argocd.yaml.gotmpl
index c5dcf11a..d68597e6 100644
--- a/values/argo/values/argocd.yaml.gotmpl
+++ b/values/argo/values/argocd.yaml.gotmpl
@@ -264,7 +264,7 @@ server:
       nginx.ingress.kubernetes.io/ssl-passthrough: "true"
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
       nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
-      {{- with .Values.clusterConfig.ingress_whitelist_ips }}
+      {{- with .Values.clusterConfig.ingress_whitelist }}
       nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
       {{- end }}
     hosts:
@@ -286,7 +286,7 @@ applicationSet:
     ingressClassName: nginx
     annotations:
       cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
-      # {{- with .Values.clusterConfig.ingress_whitelist_ips}}
+      # {{- with .Values.clusterConfig.ingress_whitelist}}
       # NOTE(kai): include gitlab and github webhook ranges
       # nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }},192.30.252.0/22,140.82.112.0/20,34.74.226.27/28,34.74.226.0/24
       # {{- end }}
diff --git a/values/env-oceanbox.yaml b/values/env-oceanbox.yaml
index d324e0ac..b5ff14d3 100644
--- a/values/env-oceanbox.yaml
+++ b/values/env-oceanbox.yaml
@@ -25,7 +25,7 @@ clusterConfig:
     patterns: []
     cidr: []
   nodes: []
-  ingress_whitelist_ips:
+  ingress_whitelist:
     #itp internal
     - 10.0.0.0/8
     - 172.16.0.0/12
diff --git a/values/env.yaml b/values/env.yaml
index 0872e232..523a4a6b 100644
--- a/values/env.yaml
+++ b/values/env.yaml
@@ -15,7 +15,7 @@ clusterConfig:
   nodenames: []
   nodes: []
   ingress_clusterissuer: "letsencrypt-production"
-  ingress_whitelist_ips:
+  ingress_whitelist:
     - 10.0.0.0/8
     - 172.16.0.0/12
     - 192.168.0.0/16
diff --git a/values/prometheus/values/prometheus.yaml.gotmpl b/values/prometheus/values/prometheus.yaml.gotmpl
index f98ef685..fe37502d 100644
--- a/values/prometheus/values/prometheus.yaml.gotmpl
+++ b/values/prometheus/values/prometheus.yaml.gotmpl
@@ -72,7 +72,7 @@ alertmanager:
     annotations:
       cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
-      {{- with .Values.clusterConfig.ingress_whitelist_ips }}
+      {{- with .Values.clusterConfig.ingress_whitelist }}
       nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
       {{- end }}
     hosts:
@@ -173,7 +173,7 @@ grafana:
     annotations:
       cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
-      {{- with .Values.clusterConfig.ingress_whitelist_ips}}
+      {{- with .Values.clusterConfig.ingress_whitelist}}
       nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
       {{- end }}
     hosts:
@@ -437,7 +437,7 @@ prometheus:
       cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
       nginx.ingress.kubernetes.io/backend-protocol: "GRPC"
-      {{- with .Values.clusterConfig.ingress_whitelist_ips }}
+      {{- with .Values.clusterConfig.ingress_whitelist }}
       nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
       {{- end }}
       kubernetes.io/ingress.allow-http: "false"
@@ -458,7 +458,7 @@ prometheus:
     annotations:
       cert-manager.io/cluster-issuer: {{ .Values.clusterConfig.ingress_clusterissuer }}
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
-      {{- with .Values.clusterConfig.ingress_whitelist_ips }}
+      {{- with .Values.clusterConfig.ingress_whitelist }}
       nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
       {{- end }}
     hosts:
diff --git a/values/system/oceanbox/kyverno/whitelist-internal-ingresses.yaml b/values/system/oceanbox/kyverno/whitelist-internal-ingresses.yaml
index adfde358..b3197e69 100644
--- a/values/system/oceanbox/kyverno/whitelist-internal-ingresses.yaml
+++ b/values/system/oceanbox/kyverno/whitelist-internal-ingresses.yaml
@@ -46,7 +46,7 @@ spec:
       patchStrategicMerge:
         metadata:
           annotations:
-            {{- with .Values.clusterConfig.ingress_whitelist_ips }}
+            {{- with .Values.clusterConfig.ingress_whitelist }}
             nginx.ingress.kubernetes.io/whitelist-source-range: "{{`{{ @ }}`}},{{ join "," . }}"
             {{- end }}
   - name: add-nginx-whitelist
@@ -66,7 +66,7 @@ spec:
       patchStrategicMerge:
         metadata:
           annotations:
-            {{- with .Values.clusterConfig.ingress_whitelist_ips }}
+            {{- with .Values.clusterConfig.ingress_whitelist }}
             nginx.ingress.kubernetes.io/whitelist-source-range: "{{ join "," . }}"
             {{- end }}
 {{- end }}
diff --git a/values/tempo/values/tempo.yaml.gotmpl b/values/tempo/values/tempo.yaml.gotmpl
index 00190480..529bf8d8 100644
--- a/values/tempo/values/tempo.yaml.gotmpl
+++ b/values/tempo/values/tempo.yaml.gotmpl
@@ -40,7 +40,7 @@ tempoQuery:
     annotations:
         cert-manager.io/cluster-issuer: {{ .Values.cluster_config.ingress_clusterissuer }}
         nginx.ingress.kubernetes.io/ssl-redirect: "true"
-        {{- with .Values.cluster_config.ingress_whitelist_ips }}
+        {{- with .Values.cluster_config.ingress_whitelist }}
         nginx.ingress.kubernetes.io/whitelist-source-range: {{ join "," . }}
         {{- end }}
     path: /