those are automated users that are created by Heat and the should
not be subject to restrictions possibly configured in Keystone
for security compliance, as those may break automated nature of things.
Create domain users with several available user options that will
make Keystone ignore:
- password expiry
- requirement to change the password on first use
- lockout after failed auth attempts
There are more things that must be done to properly secure those users
from becoming non-working, but this will be proposed in the followup
patches.
Story: 2005210
Task: 29988
Change-Id: I3152ddb82426cf66f2bd8ed69f53c77c653142bf