++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=affad69826a84e59b2316c91a185bcd9 + openstack domain show affad69826a84e59b2316c91a185bcd9 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | affad69826a84e59b2316c91a185bcd9 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=affad69826a84e59b2316c91a185bcd9 --description 'Service User for RegionOne/heat' --password=tPkb9cd7A56w7RL2ZTWxai3zN3U0Bh3c heat-stack-user-RegionOne + SERVICE_OS_USERID=c99e17401b2c4e66b947208ea86d0850 + openstack user set --password=tPkb9cd7A56w7RL2ZTWxai3zN3U0Bh3c c99e17401b2c4e66b947208ea86d0850 + openstack user show c99e17401b2c4e66b947208ea86d0850 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | affad69826a84e59b2316c91a185bcd9 | | email | None | | enabled | True | | id | c99e17401b2c4e66b947208ea86d0850 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=be54a83d65014fb58f0185f13a9a947f + openstack role add --domain=affad69826a84e59b2316c91a185bcd9 --user=c99e17401b2c4e66b947208ea86d0850 --user-domain=affad69826a84e59b2316c91a185bcd9 be54a83d65014fb58f0185f13a9a947f + openstack role assignment list --role=be54a83d65014fb58f0185f13a9a947f --user-domain=affad69826a84e59b2316c91a185bcd9 --user=c99e17401b2c4e66b947208ea86d0850 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | be54a83d65014fb58f0185f13a9a947f | c99e17401b2c4e66b947208ea86d0850 | | | affad69826a84e59b2316c91a185bcd9 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+