diff --git a/ci/roles/user_role/defaults/main.yaml b/ci/roles/user_role/defaults/main.yaml
new file mode 100644
index 00000000..0c09cb7f
--- /dev/null
+++ b/ci/roles/user_role/defaults/main.yaml
@@ -0,0 +1,4 @@
+domain_name: ansible_domain
+user_name: ansible_user
+group_name: ansible_group
+keystone_role_name: anotherrole
diff --git a/ci/roles/user_role/tasks/main.yaml b/ci/roles/user_role/tasks/main.yaml
new file mode 100644
index 00000000..406e2bb2
--- /dev/null
+++ b/ci/roles/user_role/tasks/main.yaml
@@ -0,0 +1,96 @@
+- name: Create domain
+  openstack.cloud.os_keystone_domain:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ domain_name }}"
+  register: domain
+
+- name: Create group in default domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ group_name }}"
+     domain_id: default
+
+- name: Create group in specific domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ group_name }}"
+     domain_id: "{{ domain.id }}"
+
+- name: Create user in default domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ user_name }}"
+     domain: default
+
+- name: Create user in specific domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: present
+     name: "{{ user_name }}"
+     domain: "{{ domain.id }}"
+
+- name: Assign role to group in default domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    group: "{{ group_name }}"
+    domain: default
+
+- name: Assign role to group in specific domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    group: "{{ group_name }}"
+    domain: "{{ domain.id }}"
+
+- name: Assign role to user in default domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    user: "{{ user_name }}"
+    domain: default
+
+- name: Assign role to user in specific domain
+  openstack.cloud.os_user_role:
+    cloud: "{{ cloud }}"
+    role: "{{ keystone_role_name }}"
+    user: "{{ user_name }}"
+    domain: "{{ domain.id }}"
+
+- name: Delete group in default domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ group_name }}"
+     domain_id: default
+
+- name: Delete group in specific domain
+  openstack.cloud.os_group:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ group_name }}"
+     domain_id: "{{ domain.id }}"
+
+- name: Delete user in default domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ user_name }}"
+     domain: default
+
+- name: Delete user in specific domain
+  openstack.cloud.os_user:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ user_name }}"
+     domain: "{{ domain.id }}"
+
+- name: Delete domain
+  openstack.cloud.os_keystone_domain:
+     cloud: "{{ cloud }}"
+     state: absent
+     name: "{{ domain_name }}"
diff --git a/ci/run-collection.yml b/ci/run-collection.yml
index 9340ccd0..78e10412 100644
--- a/ci/run-collection.yml
+++ b/ci/run-collection.yml
@@ -23,4 +23,5 @@
     - { role: subnet, tags: subnet }
     - { role: user, tags: user }
     - { role: user_group, tags: user_group }
+    - { role: user_role, tags: user_role }
     - { role: volume, tags: volume }