terraform-provider-google: Log Router Sink writerIdentity not found when setting up pubsub.Publisher role for it. (PART 2)

RE: https://github.com/hashicorp/terraform-provider-google/issues/9953

Hello, apologies, I was OOO the whole week the previous issue was closed.

Makes sense that I might need to create it separately then. but an additional issue shown in the terraform output in the description above shows the new service account not being found…

module.global.module.base.google_service_account_iam_member.robm_cloud_func_test_pubsub_role: Creating...

Error: Error retrieving IAM policy for service account 'projects/ivr-divasp-sysdev-dev-01/serviceAccounts/p197201731551-682071@gcp-sa-logging.iam.gserviceaccount.com': googleapi: Error 404: Service account projects/ivr-divasp-sysdev-dev-01/serviceAccounts/p197201731551-682071@gcp-sa-logging.iam.gserviceaccount.com does not exist., notFound

  on ../global/modules/base/test_resource.tf line 82, in resource "google_service_account_iam_member" "robm_cloud_func_test_pubsub_role":
  82: resource "google_service_account_iam_member" "robm_cloud_func_test_pubsub_role" {

if upon execution of the terraform script, and it knows the new service account, why does it fail trying to set the role for it?

is there an execution ordering issue going on ?

Thanks, Rob

_Originally posted by @rrmestl-cx in https://github.com/hashicorp/terraform-provider-google/issues/9953#issuecomment-920177345_