Comment 2 for bug 2059780

Takashi Kajinami (kajinamit) wrote (last edit ): Re: Domain admin can't view roles while it can manage domain/project roles

Currently some resources in heat can't be created when
 - enforce_new_default and enforce_scope are both True in keystone.
and
 - dedicated domain (which is configured by stack_user_domain_id/name) is used for heat template-defined users

Heat attempts to create a user within the stack domain for notifications, but the process to create the user fails because heat can't list roles with the domain admin credential.

```
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource Traceback (most recent call last):
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resource.py", line 922, in _action_recorder
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource yield
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resource.py", line 1034, in _do_action
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource yield from self.action_handler_task(action, args=handler_args)
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resource.py", line 976, in action_handler_task
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource handler_data = handler(*args)
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resources/openstack/heat/scaling_policy.py", line 127, in handle_create
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource super(AutoScalingPolicy, self).handle_create()
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resources/stack_user.py", line 30, in handle_create
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource self._create_user()
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resources/stack_user.py", line 44, in _create_user
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource user_id = self.keystone().create_stack_domain_user(
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/clients/os/keystone/heat_keystoneclient.py", line 373, in create_stack_domain_user
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource stack_user_role = self.domain_admin_client.roles.list(
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/usr/local/lib/python3.10/dist-packages/keystoneclient/v3/roles.py", line 203, in list
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource return super(RoleManager, self).list(**kwargs)
...
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/usr/local/lib/python3.10/dist-packages/keystoneauth1/session.py", line 985, in request
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource raise exceptions.from_response(resp, method, url)
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource keystoneauth1.exceptions.http.Forbidden: You are not authorized to perform the requested action: identity:list_roles. (HTTP 403) (Request-ID: req-788fee8a-55e0-4070-921f-8558c2939b48)
```
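The traceback above is the kind of failure an operator wants to catch quickly after turning on keystone's new defaults and scope enforcement: a 403 from keystone surfaces deep inside a heat resource handler, far from the policy that caused it. The following script is an added example, not code from the bug report or from the heat project. It parses journal-style heat-engine lines (a trimmed copy of the traceback quoted in this comment, embedded as constructed sample input), pulls out the denied policy target, HTTP status and Request-ID, and records which heat resource handler and which heat client call were on the stack, so the denial can be counted and correlated with keystone's own policy logs. The regexes and the `PolicyDenial` structure are assumptions of this example.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed sample input: a trimmed copy of the heat-engine traceback quoted in
# the bug comment, plus one unrelated INFO line to show that it is ignored.
SAMPLE_LOG = """\
Apr 10 13:13:20.000000 np0037258084 heat-engine[89669]: 2024-04-10 13:13:20.000 89669 INFO heat.engine.service [-] Creating stack demo
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource Traceback (most recent call last):
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resource.py", line 922, in _action_recorder
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource yield
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resources/openstack/heat/scaling_policy.py", line 127, in handle_create
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource super(AutoScalingPolicy, self).handle_create()
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/resources/stack_user.py", line 44, in _create_user
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource user_id = self.keystone().create_stack_domain_user(
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/opt/stack/heat/heat/engine/clients/os/keystone/heat_keystoneclient.py", line 373, in create_stack_domain_user
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource stack_user_role = self.domain_admin_client.roles.list(
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource File "/usr/local/lib/python3.10/dist-packages/keystoneauth1/session.py", line 985, in request
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource raise exceptions.from_response(resp, method, url)
Apr 10 13:13:22.850754 np0037258084 heat-engine[89669]: 2024-04-10 13:13:22.847 89669 TRACE heat.engine.resource keystoneauth1.exceptions.http.Forbidden: You are not authorized to perform the requested action: identity:list_roles. (HTTP 403) (Request-ID: req-788fee8a-55e0-4070-921f-8558c2939b48)
"""

# journald prefix: "<month> <day> <time> <host> heat-engine[<pid>]: <message>"
JOURNAL_RE = re.compile(
    r'^(?P<stamp>\w{3} \d{2} \d{2}:\d{2}:\d{2}\.\d+) (?P<host>\S+) '
    r'heat-engine\[(?P<pid>\d+)\]: (?P<msg>.*)$')
# oslo.log TRACE lines carry one traceback line each after the logger name
TRACE_RE = re.compile(r' TRACE (?P<logger>\S+) (?P<body>.*)$')
FRAME_RE = re.compile(r'File "(?P<path>[^"]+)", line (?P<line>\d+), in (?P<func>\w+)')
# keystoneauth1 Forbidden message as emitted by keystone's policy enforcement
DENIAL_RE = re.compile(
    r'Forbidden: You are not authorized to perform the requested action: '
    r'(?P<target>[\w:]+)\. \(HTTP (?P<status>\d{3})\) '
    r'\(Request-ID: (?P<request_id>req-[0-9a-f-]+)\)')


@dataclass
class PolicyDenial:
    """One keystone policy denial seen in a heat-engine traceback (assumed structure)."""
    target: str          # policy target, e.g. identity:list_roles
    status: int          # HTTP status, 403 for a policy denial
    request_id: str      # keystone Request-ID, for correlation with keystone logs
    host: str
    pid: int
    frames: List[Tuple[str, str]] = field(default_factory=list)  # (path, function), outermost first

    @property
    def origin_resource(self) -> Optional[str]:
        """Outermost heat resource handler on the stack, e.g. 'scaling_policy.py:handle_create'."""
        for path, func in self.frames:
            if '/heat/engine/resources/' in path:
                return f"{path.rsplit('/', 1)[-1]}:{func}"
        return None

    @property
    def failing_call(self) -> Optional[str]:
        """Innermost heat function that issued the denied request (heat frames live under /heat/heat/)."""
        heat_frames = [func for path, func in self.frames if '/heat/heat/' in path]
        return heat_frames[-1] if heat_frames else None


def parse_denials(text: str) -> List[PolicyDenial]:
    """Walk journal lines, accumulate traceback frames, and emit one record per Forbidden."""
    denials: List[PolicyDenial] = []
    frames: List[Tuple[str, str]] = []
    for raw in text.splitlines():
        jm = JOURNAL_RE.match(raw)
        if not jm:
            continue                      # not a heat-engine journal line
        tm = TRACE_RE.search(jm['msg'])
        if not tm:
            continue                      # INFO/WARNING etc. are not part of a traceback
        body = tm['body']
        if body.startswith('Traceback'):
            frames = []                   # a new traceback starts: drop stale frames
            continue
        fm = FRAME_RE.search(body)
        if fm:
            frames.append((fm['path'], fm['func']))
            continue
        dm = DENIAL_RE.search(body)
        if dm:
            denials.append(PolicyDenial(dm['target'], int(dm['status']), dm['request_id'],
                                        jm['host'], int(jm['pid']), frames))
            frames = []
    return denials


def denials_by_target(denials: List[PolicyDenial]) -> Dict[str, int]:
    """Count denials per policy target; a non-zero count for identity:list_roles after a
    policy change is the signal an operator wants to alert on."""
    counts: Dict[str, int] = {}
    for d in denials:
        counts[d.target] = counts.get(d.target, 0) + 1
    return counts


if __name__ == '__main__':
    for d in parse_denials(SAMPLE_LOG):
        print(f"{d.host} pid={d.pid} {d.target} HTTP {d.status} {d.request_id} "
              f"resource={d.origin_resource} call={d.failing_call}")
    print(denials_by_target(parse_denials(SAMPLE_LOG)))
```

Feeding real output of `journalctl -u devstack@h-eng` (or whatever unit name the deployment uses) to `parse_denials` gives the same records; the Request-ID is the value to search for in keystone's logs to see which policy rule rejected the domain-scoped token.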