At Dollar Shave Club we use Vault in a very similar fashion to what's described in this article. It's a really great product, and well worth the upfront investment in terms of migration, workflow adjustment, etc. We may be open sourcing some tooling we've created around AppID authentication (now deprecated, sadly) in the near future.
That mirrors our thoughts exactly - also would be great to hear about some of your tooling! - though at the moment there didn't seem to be a pressing need to move to the AppRole workflow. Our usage would be fairly similar if we did move, so I assume that we'll be revisiting this once it becomes clearer as to how we can better take advantage of AppRole.
