diff --git a/api/v1beta1/policyautomation_types.go b/api/v1beta1/policyautomation_types.go
index 37059439..6985e117 100644
--- a/api/v1beta1/policyautomation_types.go
+++ b/api/v1beta1/policyautomation_types.go
@@ -53,7 +53,7 @@ type AutomationDef struct {
 	// is "1000".
 	//
 	// +kubebuilder:validation:Minimum=0
-	PolicyViolationsLimit *uint `json:"policyViolationsLimit,omitempty"`
+	PolicyViolationsLimit *uint16 `json:"policyViolationsLimit,omitempty"`
 }
 
 // PolicyAutomationSpec defines how and when automation is initiated for the referenced policy.
diff --git a/api/v1beta1/zz_generated.deepcopy.go b/api/v1beta1/zz_generated.deepcopy.go
index 4bf9df9b..ca58a03e 100644
--- a/api/v1beta1/zz_generated.deepcopy.go
+++ b/api/v1beta1/zz_generated.deepcopy.go
@@ -26,7 +26,7 @@ func (in *AutomationDef) DeepCopyInto(out *AutomationDef) {
 	}
 	if in.PolicyViolationsLimit != nil {
 		in, out := &in.PolicyViolationsLimit, &out.PolicyViolationsLimit
-		*out = new(uint)
+		*out = new(uint16)
 		**out = **in
 	}
 }
diff --git a/controllers/automation/policyautomation_controller.go b/controllers/automation/policyautomation_controller.go
index fc311749..d68d0a86 100644
--- a/controllers/automation/policyautomation_controller.go
+++ b/controllers/automation/policyautomation_controller.go
@@ -196,7 +196,7 @@ func (r *PolicyAutomationReconciler) getViolationContext(
 
 	policyViolationsLimit := policyAutomation.Spec.Automation.PolicyViolationsLimit
 	if policyViolationsLimit == nil {
-		policyViolationsLimit = new(uint)
+		policyViolationsLimit = new(uint16)
 		*policyViolationsLimit = policyv1beta1.DefaultPolicyViolationsLimit
 	}
 
diff --git a/controllers/encryptionkeys/encryptionkeys_controller.go b/controllers/encryptionkeys/encryptionkeys_controller.go
index 735d1d36..cab07cb9 100644
--- a/controllers/encryptionkeys/encryptionkeys_controller.go
+++ b/controllers/encryptionkeys/encryptionkeys_controller.go
@@ -38,7 +38,7 @@ var (
 )
 
 // SetupWithManager sets up the controller with the Manager.
-func (r *EncryptionKeysReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint) error {
+func (r *EncryptionKeysReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint16) error {
 	return ctrl.NewControllerManagedBy(mgr).
 		// The work queue prevents the same item being reconciled concurrently:
 		// https://github.com/kubernetes-sigs/controller-runtime/issues/1416#issuecomment-899833144
@@ -55,7 +55,7 @@ var _ reconcile.Reconciler = &EncryptionKeysReconciler{}
 // for all managed clusters.
 type EncryptionKeysReconciler struct { //nolint:golint,revive
 	client.Client
-	KeyRotationDays uint
+	KeyRotationDays uint32
 	Scheme          *runtime.Scheme
 }
 
diff --git a/controllers/policymetrics/policymetrics_controller.go b/controllers/policymetrics/policymetrics_controller.go
index 1b4ae670..94cd3135 100644
--- a/controllers/policymetrics/policymetrics_controller.go
+++ b/controllers/policymetrics/policymetrics_controller.go
@@ -24,7 +24,7 @@ const ControllerName string = "policy-metrics"
 var log = ctrl.Log.WithName(ControllerName)
 
 // SetupWithManager sets up the controller with the Manager.
-func (r *MetricReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint) error {
+func (r *MetricReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint16) error {
 	return ctrl.NewControllerManagedBy(mgr).
 		// The work queue prevents the same item being reconciled concurrently:
 		// https://github.com/kubernetes-sigs/controller-runtime/issues/1416#issuecomment-899833144
diff --git a/controllers/propagator/replicatedpolicy_setup.go b/controllers/propagator/replicatedpolicy_setup.go
index f4c23704..7dd130cc 100644
--- a/controllers/propagator/replicatedpolicy_setup.go
+++ b/controllers/propagator/replicatedpolicy_setup.go
@@ -19,7 +19,7 @@ import (
 
 func (r *ReplicatedPolicyReconciler) SetupWithManager(
 	mgr ctrl.Manager,
-	maxConcurrentReconciles uint,
+	maxConcurrentReconciles uint16,
 	dependenciesSource source.Source,
 	updateSrc source.Source,
 	templateSrc source.Source,
diff --git a/controllers/propagator/rootpolicy_setup.go b/controllers/propagator/rootpolicy_setup.go
index c4205cdb..a8d4ceac 100644
--- a/controllers/propagator/rootpolicy_setup.go
+++ b/controllers/propagator/rootpolicy_setup.go
@@ -28,7 +28,7 @@ import (
 //+kubebuilder:rbac:groups=*,resources=*,verbs=get;list;watch
 
 // SetupWithManager sets up the controller with the Manager.
-func (r *RootPolicyReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint) error {
+func (r *RootPolicyReconciler) SetupWithManager(mgr ctrl.Manager, maxConcurrentReconciles uint16) error {
 	return ctrl.NewControllerManagedBy(mgr).
 		WithOptions(controller.Options{MaxConcurrentReconciles: int(maxConcurrentReconciles)}).
 		Named("root-policy-spec").
diff --git a/controllers/rootpolicystatus/root_policy_status_controller.go b/controllers/rootpolicystatus/root_policy_status_controller.go
index adce5119..9cb55506 100644
--- a/controllers/rootpolicystatus/root_policy_status_controller.go
+++ b/controllers/rootpolicystatus/root_policy_status_controller.go
@@ -32,7 +32,7 @@ var log = ctrl.Log.WithName(ControllerName)
 // SetupWithManager sets up the controller with the Manager.
 func (r *RootPolicyStatusReconciler) SetupWithManager(
 	mgr ctrl.Manager,
-	maxConcurrentReconciles uint,
+	maxConcurrentReconciles uint16,
 	plrsEnabled bool,
 ) error {
 	ctrlBldr := ctrl.NewControllerManagedBy(mgr).
diff --git a/main.go b/main.go
index bd870e49..896b3f03 100644
--- a/main.go
+++ b/main.go
@@ -116,12 +116,12 @@ func main() {
 		secureMetrics               bool
 		enableLeaderElection        bool
 		probeAddr                   string
-		keyRotationDays             uint
-		keyRotationMaxConcurrency   uint
-		policyMetricsMaxConcurrency uint
-		policyStatusMaxConcurrency  uint
-		rootPolicyMaxConcurrency    uint
-		replPolicyMaxConcurrency    uint
+		keyRotationDays             uint32
+		keyRotationMaxConcurrency   uint16
+		policyMetricsMaxConcurrency uint16
+		policyStatusMaxConcurrency  uint16
+		rootPolicyMaxConcurrency    uint16
+		replPolicyMaxConcurrency    uint16
 		enableWebhooks              bool
 		complianceAPIHost           string
 		complianceAPIPort           string
@@ -143,37 +143,37 @@ func main() {
 			"Enabling this will ensure there is only one active controller manager.")
 	pflag.BoolVar(&enableWebhooks, "enable-webhooks", true,
 		"Enable the policy validating webhook")
-	pflag.UintVar(
+	pflag.Uint32Var(
 		&keyRotationDays,
 		"encryption-key-rotation",
 		30,
 		"The number of days until the policy encryption key is rotated",
 	)
-	pflag.UintVar(
+	pflag.Uint16Var(
 		&keyRotationMaxConcurrency,
 		"key-rotation-max-concurrency",
 		10,
 		"The maximum number of concurrent reconciles for the policy-encryption-keys controller",
 	)
-	pflag.UintVar(
+	pflag.Uint16Var(
 		&policyMetricsMaxConcurrency,
 		"policy-metrics-max-concurrency",
 		5,
 		"The maximum number of concurrent reconciles for the policy-metrics controller",
 	)
-	pflag.UintVar(
+	pflag.Uint16Var(
 		&policyStatusMaxConcurrency,
 		"policy-status-max-concurrency",
 		5,
 		"The maximum number of concurrent reconciles for the policy-status controller",
 	)
-	pflag.UintVar(
+	pflag.Uint16Var(
 		&rootPolicyMaxConcurrency,
 		"root-policy-max-concurrency",
 		2,
 		"The maximum number of concurrent reconciles for the root-policy controller",
 	)
-	pflag.UintVar(
+	pflag.Uint16Var(
 		&replPolicyMaxConcurrency,
 		"replicated-policy-max-concurrency",
 		10,