++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=eeb976a144474ce6bf7b0a1293b2f7ad + openstack domain show eeb976a144474ce6bf7b0a1293b2f7ad +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | eeb976a144474ce6bf7b0a1293b2f7ad | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=eeb976a144474ce6bf7b0a1293b2f7ad --description 'Service User for RegionOne/heat' --password=erVNIaVXF3FFjdqdVBJZJGCByEdaTFb2 heat-stack-user-RegionOne + SERVICE_OS_USERID=536e05b5fc204b56bd161626ab7671ea + openstack user set --password=erVNIaVXF3FFjdqdVBJZJGCByEdaTFb2 536e05b5fc204b56bd161626ab7671ea + openstack user show 536e05b5fc204b56bd161626ab7671ea +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | eeb976a144474ce6bf7b0a1293b2f7ad | | email | None | | enabled | True | | id | 536e05b5fc204b56bd161626ab7671ea | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=a5ecf0c358f54c1e8320d3ec00da5d93 + openstack role add --domain=eeb976a144474ce6bf7b0a1293b2f7ad --user=536e05b5fc204b56bd161626ab7671ea --user-domain=eeb976a144474ce6bf7b0a1293b2f7ad a5ecf0c358f54c1e8320d3ec00da5d93 + openstack role assignment list --role=a5ecf0c358f54c1e8320d3ec00da5d93 --user-domain=eeb976a144474ce6bf7b0a1293b2f7ad --user=536e05b5fc204b56bd161626ab7671ea +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | a5ecf0c358f54c1e8320d3ec00da5d93 | 536e05b5fc204b56bd161626ab7671ea | | | eeb976a144474ce6bf7b0a1293b2f7ad | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+