Integration


This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


Add a new idea Subscribe
Status Under review
Workspace Cloud Pak for Integration (CP4I)
Created by Guest
Created on Jun 18, 2025

RELATED IDEAS

Assess and modify Cloud Pak for Integration to adhere to Kubernetes Application security controls and best practices for hardening applications to benefit Ford, IBM, and other IBM customers

To improve the availability, reliability, security, and scalable operations of Ford’s OpenShift clusters and the applications that share them, Ford Motor Company is enforcing K8s policies and best practices from Red Hat, Google, the Cloud Native Computing Foundation (CNCF), and the National Security Agency (NSA)/Infrastructure Security Agency (CISA) for hardening applications for Kubernetes platforms.

The policies ensure appropriate security, compensating controls, and operational risk mitigation – particularly in multi-tenant clusters. By improving the availability, reliability, security and scalable operations of K8s, businesses can achieve continuous, always-on operations.

Ford is requesting that IBM assess and make any required updates to the product to become compliant, preferably within 6 months.

If not compliant, the Ford-managed OpenShift Operations Team (“CaaS”) may require that Cloud Pak for Integration be uninstalled.

Further details about Ford’s policies are in Section 3 and Section 4 of the document, named ford-k8s-standards-may-2025.docx, in the IBM GitHub repository clkolde/Ford-OpenShift-Workload-Requirements

To automate assessing policy compliance and to identify any needed changes using Kyverno, Ford has provided an export of our Kyverno-enforced policies. The Kyverno policies can be found in the IBM GitHub repository clkolde/Ford-OpenShift-Workload-Requirements

Idea priority High
  • Admin
    Andy Garratt
    Jul 7, 2025

    Thanks for this - we're reviewing this to see which gaps (if any) exist within the current CP4I capabilities.

    Reply

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.