++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=a332f934f5fc432c8261e96e162448e9 + openstack domain show a332f934f5fc432c8261e96e162448e9 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | a332f934f5fc432c8261e96e162448e9 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=a332f934f5fc432c8261e96e162448e9 --description 'Service User for RegionOne/heat' --password=4vCJtIYbzPag45vRFsnqh41Qe1DnMINd heat-stack-user-RegionOne + SERVICE_OS_USERID=eb6cf6d10431456daa005b5f600f247f + openstack user set --password=4vCJtIYbzPag45vRFsnqh41Qe1DnMINd eb6cf6d10431456daa005b5f600f247f + openstack user show eb6cf6d10431456daa005b5f600f247f +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | a332f934f5fc432c8261e96e162448e9 | | email | None | | enabled | True | | id | eb6cf6d10431456daa005b5f600f247f | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=660f35a2bd504600ad1be28e5fce1aad + openstack role add --domain=a332f934f5fc432c8261e96e162448e9 --user=eb6cf6d10431456daa005b5f600f247f --user-domain=a332f934f5fc432c8261e96e162448e9 660f35a2bd504600ad1be28e5fce1aad + openstack role assignment list --role=660f35a2bd504600ad1be28e5fce1aad --user-domain=a332f934f5fc432c8261e96e162448e9 --user=eb6cf6d10431456daa005b5f600f247f +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 660f35a2bd504600ad1be28e5fce1aad | eb6cf6d10431456daa005b5f600f247f | | | a332f934f5fc432c8261e96e162448e9 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+