++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=2f07a4ede19f48e6ae5cc7c2f1b685ec + openstack domain show 2f07a4ede19f48e6ae5cc7c2f1b685ec +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 2f07a4ede19f48e6ae5cc7c2f1b685ec | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=2f07a4ede19f48e6ae5cc7c2f1b685ec --description 'Service User for RegionOne/heat' --password=Y8kve4LuHOoWvWia6ZiCvbNuIP93GXas heat-stack-user-RegionOne + SERVICE_OS_USERID=5742fd441d88446da34bd919d5cff7af + openstack user set --password=Y8kve4LuHOoWvWia6ZiCvbNuIP93GXas 5742fd441d88446da34bd919d5cff7af + openstack user show 5742fd441d88446da34bd919d5cff7af +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 2f07a4ede19f48e6ae5cc7c2f1b685ec | | email | None | | enabled | True | | id | 5742fd441d88446da34bd919d5cff7af | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=349f549dcaa740e38f4163faf2ead440 + openstack role add --domain=2f07a4ede19f48e6ae5cc7c2f1b685ec --user=5742fd441d88446da34bd919d5cff7af --user-domain=2f07a4ede19f48e6ae5cc7c2f1b685ec 349f549dcaa740e38f4163faf2ead440 + openstack role assignment list --role=349f549dcaa740e38f4163faf2ead440 --user-domain=2f07a4ede19f48e6ae5cc7c2f1b685ec --user=5742fd441d88446da34bd919d5cff7af +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 349f549dcaa740e38f4163faf2ead440 | 5742fd441d88446da34bd919d5cff7af | | | 2f07a4ede19f48e6ae5cc7c2f1b685ec | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+