++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=32adcd578dc24384a760a21fe7bcf244 + openstack domain show 32adcd578dc24384a760a21fe7bcf244 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 32adcd578dc24384a760a21fe7bcf244 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=32adcd578dc24384a760a21fe7bcf244 --description 'Service User for RegionOne/heat' --password=nV18Eww2NSmvrSQN5Kmu0xtBdIOrElDh heat-stack-user-RegionOne + SERVICE_OS_USERID=98a922f011b24e12bd2a518e48a3ac90 + openstack user set --password=nV18Eww2NSmvrSQN5Kmu0xtBdIOrElDh 98a922f011b24e12bd2a518e48a3ac90 + openstack user show 98a922f011b24e12bd2a518e48a3ac90 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 32adcd578dc24384a760a21fe7bcf244 | | email | None | | enabled | True | | id | 98a922f011b24e12bd2a518e48a3ac90 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=cc1441bb0cc343319c7abb5c3f0dc3ba + openstack role add --domain=32adcd578dc24384a760a21fe7bcf244 --user=98a922f011b24e12bd2a518e48a3ac90 --user-domain=32adcd578dc24384a760a21fe7bcf244 cc1441bb0cc343319c7abb5c3f0dc3ba + openstack role assignment list --role=cc1441bb0cc343319c7abb5c3f0dc3ba --user-domain=32adcd578dc24384a760a21fe7bcf244 --user=98a922f011b24e12bd2a518e48a3ac90 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | cc1441bb0cc343319c7abb5c3f0dc3ba | 98a922f011b24e12bd2a518e48a3ac90 | | | 32adcd578dc24384a760a21fe7bcf244 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+