I am following the GCP Quickstart Deploy an app in a container image to a GKE cluster, and I'm at the cloud build step, executing this command:

gcloud builds submit --tag us-central1-docker.pkg.dev/PROJECT_ID/hello-repo/helloworld-gke .

I have put my real project id in.

After some trial and error, i.e. getting one permissions error, adding the permission, and trying again, the build and push seems to go fine. The gcloud output shows this:

Pushing us-central1-docker.pkg.dev/gke-dotnet-api-1/hello-repo/helloworld-gke

But the gcloud output goes on to say:

INFO: The service account running this build [ACCOUNT_ID redacted] does not have permission to write logs to Cloud Logging. To fix this, grant the Logs Writer (roles/logging.logWriter) role to the service account.

I had this problem earlier and added the Logs Writer, Logs Viewer, and Logs View Accessor roles to the account:


What do I have to do to get cloud build to recognize the Log Writer role I have granted?