++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=83a7a35adbf64b2d992c1e46a94b4b38 + openstack domain show 83a7a35adbf64b2d992c1e46a94b4b38 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 83a7a35adbf64b2d992c1e46a94b4b38 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=83a7a35adbf64b2d992c1e46a94b4b38 --description 'Service User for RegionOne/heat' --password=tTaC8FGTRKYh4hEhXpKIV1JWe7IrrZzI heat-stack-user-RegionOne + SERVICE_OS_USERID=bd51fa9804174f41a834fda432ae8df3 + openstack user set --password=tTaC8FGTRKYh4hEhXpKIV1JWe7IrrZzI bd51fa9804174f41a834fda432ae8df3 + openstack user show bd51fa9804174f41a834fda432ae8df3 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 83a7a35adbf64b2d992c1e46a94b4b38 | | email | None | | enabled | True | | id | bd51fa9804174f41a834fda432ae8df3 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=47b1e90963684ee1aa13225040774686 + openstack role add --domain=83a7a35adbf64b2d992c1e46a94b4b38 --user=bd51fa9804174f41a834fda432ae8df3 --user-domain=83a7a35adbf64b2d992c1e46a94b4b38 47b1e90963684ee1aa13225040774686 + openstack role assignment list --role=47b1e90963684ee1aa13225040774686 --user-domain=83a7a35adbf64b2d992c1e46a94b4b38 --user=bd51fa9804174f41a834fda432ae8df3 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 47b1e90963684ee1aa13225040774686 | bd51fa9804174f41a834fda432ae8df3 | | | 83a7a35adbf64b2d992c1e46a94b4b38 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+