++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=2590bc66625c4d68ac979987c8f79a5d + openstack domain show 2590bc66625c4d68ac979987c8f79a5d +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 2590bc66625c4d68ac979987c8f79a5d | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=2590bc66625c4d68ac979987c8f79a5d --description 'Service User for RegionOne/heat' --password=5HPloOFWieNXlUK7cKXiVZyPgelkVQo8 heat-stack-user-RegionOne + SERVICE_OS_USERID=358e5a63bf4c4da2b680d8dbb42e33b3 + openstack user set --password=5HPloOFWieNXlUK7cKXiVZyPgelkVQo8 358e5a63bf4c4da2b680d8dbb42e33b3 + openstack user show 358e5a63bf4c4da2b680d8dbb42e33b3 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 2590bc66625c4d68ac979987c8f79a5d | | email | None | | enabled | True | | id | 358e5a63bf4c4da2b680d8dbb42e33b3 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=e9752d2375cc41d29f1531b7533cb45c + openstack role add --domain=2590bc66625c4d68ac979987c8f79a5d --user=358e5a63bf4c4da2b680d8dbb42e33b3 --user-domain=2590bc66625c4d68ac979987c8f79a5d e9752d2375cc41d29f1531b7533cb45c + openstack role assignment list --role=e9752d2375cc41d29f1531b7533cb45c --user-domain=2590bc66625c4d68ac979987c8f79a5d --user=358e5a63bf4c4da2b680d8dbb42e33b3 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | e9752d2375cc41d29f1531b7533cb45c | 358e5a63bf4c4da2b680d8dbb42e33b3 | | | 2590bc66625c4d68ac979987c8f79a5d | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+