++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=ad1706de597b490d856788e7cd343439 + openstack domain show ad1706de597b490d856788e7cd343439 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | ad1706de597b490d856788e7cd343439 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=ad1706de597b490d856788e7cd343439 --description 'Service User for RegionOne/heat' --password=ZwADUxeBpXJcJIf1PTq0eNGz4ac5uD1u heat-stack-user-RegionOne + SERVICE_OS_USERID=00d30086d4aa438db1ad280bc451d5a2 + openstack user set --password=ZwADUxeBpXJcJIf1PTq0eNGz4ac5uD1u 00d30086d4aa438db1ad280bc451d5a2 + openstack user show 00d30086d4aa438db1ad280bc451d5a2 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | ad1706de597b490d856788e7cd343439 | | email | None | | enabled | True | | id | 00d30086d4aa438db1ad280bc451d5a2 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=37c2acaa262f466f938bc4dc373e36a0 + openstack role add --domain=ad1706de597b490d856788e7cd343439 --user=00d30086d4aa438db1ad280bc451d5a2 --user-domain=ad1706de597b490d856788e7cd343439 37c2acaa262f466f938bc4dc373e36a0 + openstack role assignment list --role=37c2acaa262f466f938bc4dc373e36a0 --user-domain=ad1706de597b490d856788e7cd343439 --user=00d30086d4aa438db1ad280bc451d5a2 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 37c2acaa262f466f938bc4dc373e36a0 | 00d30086d4aa438db1ad280bc451d5a2 | | | ad1706de597b490d856788e7cd343439 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+