++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=a15faa83044e48c7b37851bb32c72fc4 + openstack domain show a15faa83044e48c7b37851bb32c72fc4 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | a15faa83044e48c7b37851bb32c72fc4 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=a15faa83044e48c7b37851bb32c72fc4 --description 'Service User for RegionOne/heat' --password=KPgUMwepatQUG8rqkFcERXm3hGXyCo19 heat-stack-user-RegionOne + SERVICE_OS_USERID=c3d1f82aa7de440eaf35ae24484f863a + openstack user set --password=KPgUMwepatQUG8rqkFcERXm3hGXyCo19 c3d1f82aa7de440eaf35ae24484f863a + openstack user show c3d1f82aa7de440eaf35ae24484f863a +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | a15faa83044e48c7b37851bb32c72fc4 | | email | None | | enabled | True | | id | c3d1f82aa7de440eaf35ae24484f863a | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=70b0f5f6cf2e41fd8413e4958220d5d3 + openstack role add --domain=a15faa83044e48c7b37851bb32c72fc4 --user=c3d1f82aa7de440eaf35ae24484f863a --user-domain=a15faa83044e48c7b37851bb32c72fc4 70b0f5f6cf2e41fd8413e4958220d5d3 + openstack role assignment list --role=70b0f5f6cf2e41fd8413e4958220d5d3 --user-domain=a15faa83044e48c7b37851bb32c72fc4 --user=c3d1f82aa7de440eaf35ae24484f863a +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 70b0f5f6cf2e41fd8413e4958220d5d3 | c3d1f82aa7de440eaf35ae24484f863a | | | a15faa83044e48c7b37851bb32c72fc4 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+