diff --git a/CHANGELOG.md b/CHANGELOG.md
index 618a676e6aa26d1070cca68f286ccab83b31a950..d4d5ae85a7c99aaa26fd9503605ed94992fafc9e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+---
+## [29.1.0-bb.5] - 2021-06-30
+### Added
+- Network policy to allow prometheus scraping of istio envoy sidecar
+
 ## [29.1.0-bb.4]
 ### Changed
 - kube-api network policy toggle
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 9e9aac2264366f95eadb5a8c3a06e170137be71c..878cde7a21a7e0471925fa5d410aa56afa4401b8 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -1,6 +1,6 @@
 apiVersion: v2
 name: nexus-repository-manager
-version: 29.1.0-bb.4
+version: 29.1.0-bb.5
 appVersion: 3.29.0
 description: Sonatype Nexus Repository Manager - Universal Binary repository
 type: application
diff --git a/chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml b/chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..dd5e1d5260e27364929834b2335cf56229708d95
--- /dev/null
+++ b/chart/templates/bigbang/networkpolicies/allow-ingress-prometheus.yaml
@@ -0,0 +1,22 @@
+{{- if and .Values.networkPolicies.enabled .Values.monitoring.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-ingress-prometheus
+  namespace: {{ .Release.Namespace }}
+spec:
+  podSelector: {}
+  policyTypes:
+    - Ingress
+  ingress:
+  - from:
+    - namespaceSelector:
+        matchLabels:
+          app.kubernetes.io/name: monitoring
+      podSelector:
+        matchLabels:
+          app: prometheus
+    ports:
+    - protocol: TCP
+      port: 15020
+{{- end }}