++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=5870737734644ee5bb481a35a0d3f747 + openstack domain show 5870737734644ee5bb481a35a0d3f747 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 5870737734644ee5bb481a35a0d3f747 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=5870737734644ee5bb481a35a0d3f747 --description 'Service User for RegionOne/heat' --password=1HENj3tsYq6VxxTIZldWk1Al9bDogexR heat-stack-user-RegionOne + SERVICE_OS_USERID=3eb62e825fc344d0bdfa5d47f384ba45 + openstack user set --password=1HENj3tsYq6VxxTIZldWk1Al9bDogexR 3eb62e825fc344d0bdfa5d47f384ba45 + openstack user show 3eb62e825fc344d0bdfa5d47f384ba45 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 5870737734644ee5bb481a35a0d3f747 | | email | None | | enabled | True | | id | 3eb62e825fc344d0bdfa5d47f384ba45 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=6ea199746605478db86a2aa5718f2ebc + openstack role add --domain=5870737734644ee5bb481a35a0d3f747 --user=3eb62e825fc344d0bdfa5d47f384ba45 --user-domain=5870737734644ee5bb481a35a0d3f747 6ea199746605478db86a2aa5718f2ebc + openstack role assignment list --role=6ea199746605478db86a2aa5718f2ebc --user-domain=5870737734644ee5bb481a35a0d3f747 --user=3eb62e825fc344d0bdfa5d47f384ba45 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 6ea199746605478db86a2aa5718f2ebc | 3eb62e825fc344d0bdfa5d47f384ba45 | | | 5870737734644ee5bb481a35a0d3f747 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+