++ openstack domain create --or-show --enable -f value -c id '--description=Service Domain for RegionOne/heat' heat + SERVICE_OS_DOMAIN_ID=60e6ab7c3f774090ab3ddca7060cc7c8 + openstack domain show 60e6ab7c3f774090ab3ddca7060cc7c8 +-------------+-----------------------------------+ | Field | Value | +-------------+-----------------------------------+ | id | 60e6ab7c3f774090ab3ddca7060cc7c8 | | name | heat | | enabled | True | | description | Service Domain for RegionOne/heat | | options | {} | +-------------+-----------------------------------+ ++ openstack user create --or-show --enable -f value -c id --domain=60e6ab7c3f774090ab3ddca7060cc7c8 --description 'Service User for RegionOne/heat' --password=wmCtTdDDTmlYyt93cVqjax732jShjItF heat-stack-user-RegionOne + SERVICE_OS_USERID=b3823027fa944c73b06a543c69613cd2 + openstack user set --password=wmCtTdDDTmlYyt93cVqjax732jShjItF b3823027fa944c73b06a543c69613cd2 + openstack user show b3823027fa944c73b06a543c69613cd2 +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | default_project_id | None | | domain_id | 60e6ab7c3f774090ab3ddca7060cc7c8 | | email | None | | enabled | True | | id | b3823027fa944c73b06a543c69613cd2 | | name | heat-stack-user-RegionOne | | description | Service User for RegionOne/heat | | password_expires_at | None | | options | {} | +---------------------+----------------------------------+ ++ openstack role show -f value -c id admin + SERVICE_OS_ROLE_ID=88cc594c75104d05a55f542f719997ca + openstack role add --domain=60e6ab7c3f774090ab3ddca7060cc7c8 --user=b3823027fa944c73b06a543c69613cd2 --user-domain=60e6ab7c3f774090ab3ddca7060cc7c8 88cc594c75104d05a55f542f719997ca + openstack role assignment list --role=88cc594c75104d05a55f542f719997ca --user-domain=60e6ab7c3f774090ab3ddca7060cc7c8 --user=b3823027fa944c73b06a543c69613cd2 +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | Role | User | Group | Project | Domain | System | Inherited | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+ | 88cc594c75104d05a55f542f719997ca | b3823027fa944c73b06a543c69613cd2 | | | 60e6ab7c3f774090ab3ddca7060cc7c8 | | False | +----------------------------------+----------------------------------+-------+---------+----------------------------------+--------+-----------+