diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml
index 66e0343af8..c09013562a 100755
--- a/heat/templates/deployment-api.yaml
+++ b/heat/templates/deployment-api.yaml
@@ -49,10 +49,10 @@ spec:
             - --config-dir
             - /etc/heat/conf
           ports:
-            - containerPort: {{ .Values.service.api.port }}
+            - containerPort: {{ .Values.network.api.port }}
           readinessProbe:
             tcpSocket:
-              port: {{ .Values.service.api.port }}
+              port: {{ .Values.network.api.port }}
           volumeMounts:
             - name: pod-etc-heat
               mountPath: /etc/heat
diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml
index 8bd0fcbd25..84cd91f717 100644
--- a/heat/templates/deployment-cfn.yaml
+++ b/heat/templates/deployment-cfn.yaml
@@ -49,10 +49,10 @@ spec:
             - --config-dir
             - /etc/heat/conf
           ports:
-            - containerPort: {{ .Values.service.cfn.port }}
+            - containerPort: {{ .Values.network.cfn.port }}
           readinessProbe:
             tcpSocket:
-              port: {{ .Values.service.cfn.port }}
+              port: {{ .Values.network.cfn.port }}
           volumeMounts:
             - name: pod-etc-heat
               mountPath: /etc/heat
diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml
index 97ccddd447..d1b99af46d 100644
--- a/heat/templates/deployment-cloudwatch.yaml
+++ b/heat/templates/deployment-cloudwatch.yaml
@@ -49,10 +49,10 @@ spec:
             - --config-dir
             - /etc/heat/conf
           ports:
-            - containerPort: {{ .Values.service.cloudwatch.port }}
+            - containerPort: {{ .Values.network.cloudwatch.port }}
           readinessProbe:
             tcpSocket:
-              port: {{ .Values.service.cloudwatch.port }}
+              port: {{ .Values.network.cloudwatch.port }}
           volumeMounts:
             - name: pod-etc-heat
               mountPath: /etc/heat
diff --git a/heat/templates/etc/_heat.conf.tpl b/heat/templates/etc/_heat.conf.tpl
index 897900ad14..f6d60e6419 100644
--- a/heat/templates/etc/_heat.conf.tpl
+++ b/heat/templates/etc/_heat.conf.tpl
@@ -22,9 +22,9 @@ deferred_auth_method = "trusts"
 enable_stack_adopt = "True"
 enable_stack_abandon = "True"
 
-heat_metadata_server_url = {{ .Values.service.cfn.proto }}://{{ .Values.service.cfn.name }}:{{ .Values.service.cfn.port }}
-heat_waitcondition_server_url = {{ .Values.service.cfn.proto }}://{{ .Values.service.cfn.name }}:{{ .Values.service.cfn.port }}/v1/waitcondition
-heat_watch_server_url = {{ .Values.service.cloudwatch.proto }}://{{ .Values.service.cloudwatch.name }}:{{ .Values.service.cloudwatch.port }}
+heat_metadata_server_url = {{ tuple "cloudformation" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path }}
+heat_waitcondition_server_url = {{ tuple "cloudformation" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}/waitcondition
+heat_watch_server_url = {{ tuple "cloudwatch" "public" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | trimSuffix "/" }}
 
 num_engine_workers = {{ .Values.resources.engine.workers }}
 
@@ -47,7 +47,7 @@ max_retries = -1
 signing_dir = "/var/cache/heat"
 memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
 auth_version = v3
-auth_url = {{ include "helm-toolkit.endpoint_keystone_internal" . }}
+auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
 auth_type = password
 region_name = {{ .Values.keystone.heat_region_name }}
 project_domain_name = {{ .Values.keystone.heat_project_domain }}
@@ -57,17 +57,17 @@ username = {{ .Values.keystone.heat_user }}
 password = {{ .Values.keystone.heat_password }}
 
 [heat_api]
-bind_port = {{ .Values.service.api.port }}
+bind_port = {{ .Values.network.api.port }}
 bind_host = 0.0.0.0
 workers = {{ .Values.resources.api.workers }}
 
 [heat_api_cloudwatch]
-bind_port = {{ .Values.service.cloudwatch.port }}
+bind_port = {{ .Values.network.cloudwatch.port }}
 bind_host = 0.0.0.0
 workers = {{ .Values.resources.cloudwatch.workers }}
 
 [heat_api_cfn]
-bind_port = {{ .Values.service.cfn.port }}
+bind_port = {{ .Values.network.cfn.port }}
 bind_host = 0.0.0.0
 workers = {{ .Values.resources.cfn.workers }}
 
@@ -88,9 +88,11 @@ auth_section = "trustee_keystone"
 signing_dir = "/var/cache/heat"
 memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
 auth_version = v3
-auth_url = {{ include "helm-toolkit.endpoint_keystone_internal" . }}
+auth_url = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
 auth_type = password
 region_name = {{ .Values.keystone.heat_trustee_region_name }}
+project_domain_name = {{ .Values.keystone.heat_trustee_project_domain }}
+project_name = {{ .Values.keystone.heat_trustee_project_name }}
 user_domain_name = {{ .Values.keystone.heat_trustee_user_domain }}
 username = {{ .Values.keystone.heat_trustee_user }}
 password = {{ .Values.keystone.heat_trustee_password }}
@@ -101,4 +103,4 @@ endpoint_type = internalURL
 
 [clients_keystone]
 endpoint_type = internalURL
-auth_uri = {{ include "helm-toolkit.endpoint_keystone_internal" . }}
+auth_uri = {{ tuple "identity" "internal" "api" . | include "endpoint_type_lookup_addr" }}
diff --git a/heat/templates/job-ks-endpoints.yaml.yaml b/heat/templates/job-ks-endpoints.yaml.yaml
index 9efbbff1ac..cda77c03de 100644
--- a/heat/templates/job-ks-endpoints.yaml.yaml
+++ b/heat/templates/job-ks-endpoints.yaml.yaml
@@ -31,9 +31,9 @@ spec:
       nodeSelector:
         {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
       containers:
-{{- range $key1, $osServiceName := tuple "heat" "heat-cfn" }}
+{{- range $key1, $osServiceType := tuple "orchestration" "cloudformation" }}
 {{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }}
-        - name: {{ $osServiceName }}-ks-endpoints-{{ $osServiceEndPoint }}
+        - name: {{ $osServiceType }}-ks-endpoints-{{ $osServiceEndPoint }}
           image: {{ $envAll.Values.images.ks_endpoints }}
           imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
           {{- if $envAll.Values.resources.enabled }}
@@ -60,11 +60,11 @@ spec:
             - name: OS_SVC_ENDPOINT
               value: {{ $osServiceEndPoint }}
             - name: OS_SERVICE_NAME
-              value: {{ $osServiceName }}
+              value: {{ tuple $osServiceType $envAll | include "helm-toolkit.keystone_endpoint_name_lookup" }}
             - name: OS_SERVICE_TYPE
-              value: {{ tuple $osServiceName $envAll | include "helm-toolkit.endpoint_type_lookup" }}
+              value: {{ $osServiceType }}
             - name: OS_SERVICE_ENDPOINT
-              value: {{ tuple $osServiceName $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoint_uri_lookup" }}
+              value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.keystone_endpoint_uri_lookup" }}
 {{- end }}
 {{- end }}
       volumes:
diff --git a/heat/templates/job-ks-service.yaml b/heat/templates/job-ks-service.yaml
index 4d432154b8..5da519c1f7 100644
--- a/heat/templates/job-ks-service.yaml
+++ b/heat/templates/job-ks-service.yaml
@@ -31,8 +31,8 @@ spec:
       nodeSelector:
         {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
       containers:
-{{- range $key1, $osServiceName := tuple "heat" "heat-cfn" }}
-        - name: {{ $osServiceName }}-ks-service-registration
+{{- range $key1, $osServiceType := tuple "orchestration" "cloudformation" }}
+        - name: {{ $osServiceType }}-ks-service-registration
           image: {{ $envAll.Values.images.ks_service }}
           imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
           {{- if $envAll.Values.resources.enabled }}
@@ -57,11 +57,10 @@ spec:
 {{- include "helm-toolkit.keystone_openrc_env_vars" $env | indent 12 }}
 {{- end }}
             - name: OS_SERVICE_NAME
-              value: {{ $osServiceName }}
+              value: {{ tuple $osServiceType $envAll | include "helm-toolkit.keystone_endpoint_name_lookup" }}
             - name: OS_SERVICE_TYPE
-              value: {{ tuple $osServiceName $envAll | include "helm-toolkit.endpoint_type_lookup" }}
+              value: {{ $osServiceType }}
 {{- end }}
-
       volumes:
         - name: ks-service-sh
           configMap:
diff --git a/heat/templates/secret-keystone-admin.env.yaml b/heat/templates/secret-keystone-admin.env.yaml
index 6e07f8b09b..f8d07a4a54 100644
--- a/heat/templates/secret-keystone-admin.env.yaml
+++ b/heat/templates/secret-keystone-admin.env.yaml
@@ -19,7 +19,7 @@ metadata:
 type: Opaque
 data:
   OS_AUTH_URL: |
-{{ .Values.keystone.auth_url  | b64enc | indent 4 }}
+{{ tuple "identity" "admin" "admin" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
   OS_REGION_NAME: |
 {{ .Values.keystone.admin_region_name  | b64enc | indent 4 }}
   OS_PROJECT_DOMAIN_NAME: |
diff --git a/heat/templates/secret-keystone-stack-user.env.yaml b/heat/templates/secret-keystone-stack-user.env.yaml
index 07747e6aca..b4c610301c 100644
--- a/heat/templates/secret-keystone-stack-user.env.yaml
+++ b/heat/templates/secret-keystone-stack-user.env.yaml
@@ -18,6 +18,8 @@ metadata:
   name: {{ .Values.keystone_secrets.stack }}
 type: Opaque
 data:
+  OS_AUTH_URL: |
+{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
   OS_REGION_NAME: |
 {{ .Values.keystone.heat_stack_region_name  | b64enc | indent 4 }}
   OS_DOMAIN_NAME: |
diff --git a/heat/templates/secret-keystone-trustee.env.yaml b/heat/templates/secret-keystone-trustee.env.yaml
index 118d45f039..c020204daa 100644
--- a/heat/templates/secret-keystone-trustee.env.yaml
+++ b/heat/templates/secret-keystone-trustee.env.yaml
@@ -19,7 +19,7 @@ metadata:
 type: Opaque
 data:
   OS_AUTH_URL: |
-{{ .Values.keystone.auth_url  | b64enc | indent 4 }}
+{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
   OS_REGION_NAME: |
 {{ .Values.keystone.heat_trustee_region_name  | b64enc | indent 4 }}
   OS_PROJECT_DOMAIN_NAME: |
diff --git a/heat/templates/secret-keystone-user.env.yaml b/heat/templates/secret-keystone-user.env.yaml
index 1d5978d769..96dbea14d4 100644
--- a/heat/templates/secret-keystone-user.env.yaml
+++ b/heat/templates/secret-keystone-user.env.yaml
@@ -19,7 +19,7 @@ metadata:
 type: Opaque
 data:
   OS_AUTH_URL: |
-{{ .Values.keystone.auth_url  | b64enc | indent 4 }}
+{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
   OS_REGION_NAME: |
 {{ .Values.keystone.heat_region_name  | b64enc | indent 4 }}
   OS_PROJECT_DOMAIN_NAME: |
diff --git a/heat/templates/service-api.yaml b/heat/templates/service-api.yaml
index 0529361d3c..723013891a 100644
--- a/heat/templates/service-api.yaml
+++ b/heat/templates/service-api.yaml
@@ -15,9 +15,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.api.name }}
+  name: heat-api
 spec:
   ports:
-    - port: {{ .Values.service.api.port }}
+    - port: {{ .Values.network.api.port }}
   selector:
     app: heat-api
diff --git a/heat/templates/service-cfn.yaml b/heat/templates/service-cfn.yaml
index 37d722fc73..84c20a6fb5 100644
--- a/heat/templates/service-cfn.yaml
+++ b/heat/templates/service-cfn.yaml
@@ -15,9 +15,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.cfn.name }}
+  name: heat-cfn
 spec:
   ports:
-    - port: {{ .Values.service.cfn.port }}
+    - port: {{ .Values.network.cfn.port }}
   selector:
     app: heat-cfn
diff --git a/heat/templates/service-cloudwatch.yaml b/heat/templates/service-cloudwatch.yaml
index 5f7912c793..a1fb726fcd 100644
--- a/heat/templates/service-cloudwatch.yaml
+++ b/heat/templates/service-cloudwatch.yaml
@@ -15,9 +15,9 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service.cloudwatch.name }}
+  name: heat-cloudwatch
 spec:
   ports:
-    - port: {{ .Values.service.cloudwatch.port }}
+    - port: {{ .Values.network.cloudwatch.port }}
   selector:
     app: heat-cloudwatch
diff --git a/heat/values.yaml b/heat/values.yaml
index 662b719e21..c07fa3539a 100644
--- a/heat/values.yaml
+++ b/heat/values.yaml
@@ -48,8 +48,6 @@ keystone_secrets:
   stack: "heat-env-keystone-stack-user"
 
 keystone:
-  auth_uri: "http://keystone-api:5000"
-  auth_url: "http://keystone-api:35357"
   admin_user: "admin"
   admin_user_domain: "default"
   admin_password: "password"
@@ -79,7 +77,7 @@ keystone:
   heat_stack_password: "password"
   heat_stack_region_name: "RegionOne"
 
-service:
+network:
   api:
     name: "heat-api"
     port: 8004
@@ -176,33 +174,34 @@ dependencies:
 # values, but should include all endpoints
 # required by this chart
 endpoints:
-  keystone:
+  identity:
+    name: keystone
     hosts:
       default: keystone-api
     path: /v3
-    type: identity
     scheme: 'http'
     port:
-        admin: 35357
-        public: 5000
-  heat:
+      admin: 35357
+      api: 5000
+  orchestration:
+    name: heat
     hosts:
       default: heat-api
     path: '/v1/%(project_id)s'
-    type: orchestration
     scheme: 'http'
     port:
       api: 8004
-  heat_cfn:
+  cloudformation:
+    name: heat-cfn
     hosts:
       default: heat-cfn
     path: /v1
-    type: cloudformation
     scheme: 'http'
     port:
       api: 8000
 # Cloudwatch does not get an entry in the keystone service catalog
-  heat_cloudwatch:
+  cloudwatch:
+    name: heat-cloudwatch
     hosts:
       default: heat-cloudwatch
     path: null