diff --git a/CHANGELOG.md b/CHANGELOG.md
index 937cd7a66372e4a77610a29ca8b24d7ba68b5663..c0d9ccfdea03cc4a8992bfa894761c06bad6452c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,11 @@
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ---
+
+## [1.12.16-bb.1]
+### Fixed
+- allow-istio network policy fixed to remove duplicate ports
+
 ## [1.12.16-bb.0]
 ### Changed
 - Bumped upstream chart version to 1.12.16
diff --git a/chart/templates/bigbang/networkpolicies/allow-istio.yaml b/chart/templates/bigbang/networkpolicies/allow-istio.yaml
index fe1754182379fdec8e54b269c20d1619cde4a469..8a47d656880213957af1222971991589b4c84d47 100644
--- a/chart/templates/bigbang/networkpolicies/allow-istio.yaml
+++ b/chart/templates/bigbang/networkpolicies/allow-istio.yaml
@@ -20,52 +20,9 @@ spec:
     ports:
     - port: {{ .Values.anchoreApi.service.port }} # anchore engine api (default: 8228)
       protocol: TCP
-    - port: {{ .Values.anchoreCatalog.service.port }} # anchore catalog api (default: 8082)
-      protocol: TCP
-    - port: {{ .Values.anchorePolicyEngine.service.port }} # anchore policy engine api (default: 8087)
-      protocol: TCP
-    - port: {{ .Values.anchoreSimpleQueue.service.port }} # anchore simplequeue api (default: 8083)
-      protocol: TCP
-    {{- if not (hasKey .Values.postgresql "enabled") }}
-    - port: 5432 # in-cluster postgresql anchore db
-      protocol: TCP
-    {{- end }}
-    {{- if hasKey .Values.postgresql "enabled" }}
-    {{- if (not .Values.postgresql.enabled) }}
-    - port: "{{$v := .Values.postgresql.externalEndpoint | split ":"}}{{$v._1}}" # in-cluster postgresql anchore db (default: 5432)
-      protocol: TCP
-    {{- end }}
-    {{- end }}
-    {{- if .Values.anchoreEnterpriseGlobal.enabled }}
-    - port: {{ .Values.anchoreEnterpriseFeeds.service.port }} # anchore enterprise feeds api (default: 8448)
-      protocol: TCP
-    - port: {{ .Values.anchoreEnterpriseRbac.service.apiPort }} # anchore enterprise rbac manager api (default: 8229)
-      protocol: TCP
-    - port: {{ .Values.anchoreEnterpriseReports.service.port }} # anchore enterprise reports api (default: 8558)
-      protocol: TCP
-    - port: {{ .Values.anchoreEnterpriseNotifications.service.port }} # anchore enterprise notifications api (default: 8668)
-      protocol: TCP
+    {{- if and .Values.anchoreEnterpriseGlobal.enabled .Values.anchoreEnterpriseUi.enabled }}
     - port: 3000 # anchore enterprise UI (default: 3000; note: Big Bang has configured Istio to use port 80)
       protocol: TCP
-    {{- if not (hasKey (index .Values "anchore-ui-redis") "enabled") }}
-    - port: 6379 # in-cluster redis anchore enterprise UI dependency
-      protocol: TCP
-    {{- end }}
-    {{- if hasKey (index .Values "anchore-ui-redis") "enabled" }}
-    {{- if (not (index .Values "anchore-ui-redis" "enabled")) }}
-    - port: "{{$v := (index .Values "anchore-ui-redis" "externalEndpoint") | split ":"}}{{$v._3}}" # in-cluster redis anchore enterprise UI dependency (default: 6379)
-      protocol: TCP
-    {{- end }}
-    {{- end }}
-    {{- if not (and (hasKey (index .Values "anchore-feeds-db") "enabled")) }}
-    - port: 5432 # in-cluster postgresql anchore enterprise feeds db
-    {{- end }}
-    {{- if and (hasKey (index .Values "anchore-feeds-db") "enabled") }}
-    {{- if (not (index .Values "anchore-feeds-db" "enabled")) }}
-    - port: "{{$v := (index .Values "anchore-feeds-db" "externalEndpoint") | split ":"}}{{$v._1}}" # in-cluster postgresql anchore enterprise feeds db (default: 5432)
-      protocol: TCP
-    {{- end }}
-    {{- end }}
     {{- end }}
   egress:
   - to: