++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=fd2ca63faa224c5d9cec7d1329b4dcd0 + openstack domain show fd2ca63faa224c5d9cec7d1329b4dcd0 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | fd2ca63faa224c5d9cec7d1329b4dcd0 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=fd2ca63faa224c5d9cec7d1329b4dcd0 --description 'Service User for RegionOne/heat' --password=zDnQ2EvoTKtmCYm33hOCAmk4GxCGugdP heat-stack-user-RegionOne + SERVICE_OS_USERID=a89fc24489ae451eb88d0b659a03de91 + openstack user set --password=zDnQ2EvoTKtmCYm33hOCAmk4GxCGugdP a89fc24489ae451eb88d0b659a03de91 + openstack user show a89fc24489ae451eb88d0b659a03de91 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | fd2ca63faa224c5d9cec7d1329b4dcd0 | | email | None | | enabled | True | | id | a89fc24489ae451eb88d0b659a03de91 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=b3847334e0c94c958ec2c9b6de1d6f3a + openstack role add --domain=fd2ca63faa224c5d9cec7d1329b4dcd0 --user=a89fc24489ae451eb88d0b659a03de91 --user-domain=fd2ca63faa224c5d9cec7d1329b4dcd0 b3847334e0c94c958ec2c9b6de1d6f3a + openstack role assignment list --role=b3847334e0c94c958ec2c9b6de1d6f3a --user-domain=fd2ca63faa224c5d9cec7d1329b4dcd0 --user=a89fc24489ae451eb88d0b659a03de91 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | b3847334e0c94c958ec2c9b6de1d6f3a | a89fc24489ae451eb88d0b659a03de91 | | | fd2ca63faa224c5d9cec7d1329b4dcd0 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+