++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=0a19456bf5e44d13a808c565d8b433a2 + openstack domain show 0a19456bf5e44d13a808c565d8b433a2 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 0a19456bf5e44d13a808c565d8b433a2 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=0a19456bf5e44d13a808c565d8b433a2 --description 'Service User for RegionOne/heat' --password=RAWieY2Vfv58KE80n8D21zaIyWHa2ZB3 heat-stack-user-RegionOne + SERVICE_OS_USERID=74aa2009b4d44baf9957921fdbf886f3 + openstack user set --password=RAWieY2Vfv58KE80n8D21zaIyWHa2ZB3 74aa2009b4d44baf9957921fdbf886f3 + openstack user show 74aa2009b4d44baf9957921fdbf886f3 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 0a19456bf5e44d13a808c565d8b433a2 | | email | None | | enabled | True | | id | 74aa2009b4d44baf9957921fdbf886f3 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=bc8ad45aa63d4ce0be04e5a2c50ba2a1 + openstack role add --domain=0a19456bf5e44d13a808c565d8b433a2 --user=74aa2009b4d44baf9957921fdbf886f3 --user-domain=0a19456bf5e44d13a808c565d8b433a2 bc8ad45aa63d4ce0be04e5a2c50ba2a1 + openstack role assignment list --role=bc8ad45aa63d4ce0be04e5a2c50ba2a1 --user-domain=0a19456bf5e44d13a808c565d8b433a2 --user=74aa2009b4d44baf9957921fdbf886f3 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | bc8ad45aa63d4ce0be04e5a2c50ba2a1 | 74aa2009b4d44baf9957921fdbf886f3 | | | 0a19456bf5e44d13a808c565d8b433a2 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+