Was the command vault login -method=approle role_id=$ROLE_ID secret_id=$SECRET_ID
ever supported? It yields a misleading error message.
Unknown auth method: approle. Use "vault auth list" to see the complete list
of auth methods. Additionally, some auth methods are only available via the
HTTP API.
I later found that I would have to use this instead:
vault login $(vault write auth/approle/login \
role_id="$ROLE_ID" \
secret_id="$SECRET_ID" \
--format=json \
| jq -r .auth.client_token
)