++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=082e30dab34044d9b354454a3f923e36 + openstack domain show 082e30dab34044d9b354454a3f923e36 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 082e30dab34044d9b354454a3f923e36 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=082e30dab34044d9b354454a3f923e36 --description 'Service User for RegionOne/heat' --password=6gJ0EG17eyqMkvpdY0bW96kkV2xOI4ZI heat-stack-user-RegionOne + SERVICE_OS_USERID=45b6e88f32644c6aaf33cb9fef05e6da + openstack user set --password=6gJ0EG17eyqMkvpdY0bW96kkV2xOI4ZI 45b6e88f32644c6aaf33cb9fef05e6da + openstack user show 45b6e88f32644c6aaf33cb9fef05e6da +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 082e30dab34044d9b354454a3f923e36 | | email | None | | enabled | True | | id | 45b6e88f32644c6aaf33cb9fef05e6da | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=14a068252b9145929d5ad3e2f7707704 + openstack role add --domain=082e30dab34044d9b354454a3f923e36 --user=45b6e88f32644c6aaf33cb9fef05e6da --user-domain=082e30dab34044d9b354454a3f923e36 14a068252b9145929d5ad3e2f7707704 + openstack role assignment list --role=14a068252b9145929d5ad3e2f7707704 --user-domain=082e30dab34044d9b354454a3f923e36 --user=45b6e88f32644c6aaf33cb9fef05e6da +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 14a068252b9145929d5ad3e2f7707704 | 45b6e88f32644c6aaf33cb9fef05e6da | | | 082e30dab34044d9b354454a3f923e36 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+