++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=4699f433c0f0438ea06c0f74a5cab920 + openstack domain show 4699f433c0f0438ea06c0f74a5cab920 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 4699f433c0f0438ea06c0f74a5cab920 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=4699f433c0f0438ea06c0f74a5cab920 --description 'Service User for RegionOne/heat' --password=s168X4aWnuglFsrObUoNoJnSvPPnnseM heat-stack-user-RegionOne + SERVICE_OS_USERID=e4a691dfaa9f4c5b800abd2a4d7272b9 + openstack user set --password=s168X4aWnuglFsrObUoNoJnSvPPnnseM e4a691dfaa9f4c5b800abd2a4d7272b9 + openstack user show e4a691dfaa9f4c5b800abd2a4d7272b9 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 4699f433c0f0438ea06c0f74a5cab920 | | email | None | | enabled | True | | id | e4a691dfaa9f4c5b800abd2a4d7272b9 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=b9947b72c92c4196831b615e271cf689 + openstack role add --domain=4699f433c0f0438ea06c0f74a5cab920 --user=e4a691dfaa9f4c5b800abd2a4d7272b9 --user-domain=4699f433c0f0438ea06c0f74a5cab920 b9947b72c92c4196831b615e271cf689 + openstack role assignment list --role=b9947b72c92c4196831b615e271cf689 --user-domain=4699f433c0f0438ea06c0f74a5cab920 --user=e4a691dfaa9f4c5b800abd2a4d7272b9 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | b9947b72c92c4196831b615e271cf689 | e4a691dfaa9f4c5b800abd2a4d7272b9 | | | 4699f433c0f0438ea06c0f74a5cab920 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+