Moved WordPress site to Windows Server 2022 using direct method for updates

I'm moving a bunch of WordPress sites from Linux to Windows Server 2022. The sites are functioning just fine but I'm getting:

"Some files are not writable by WordPress:

xmlrpc.php
wp-blog-header.php
readme.html
wp-signup.php
index.php
wp-cron.php
wp-config-sample.php
wp-login.php
wp-settings.php
license.txt
wp-mail.php
wp-links-opml.php
wp-load.php
wp-includes/class-wp-styles.php
wp-includes/class-wp-user-query.php
wp-includes/l10n.php
wp-includes/date.php
wp-includes/php-compat/readonly.php
wp-includes/class-wp-oembed.php
wp-includes/images/w-logo-blue-white-bg.png

and

The wp-content/upgrade-temp-backup directory exists but is not writable. This directory is used to improve the stability of plugin and theme updates. Please make sure the server has write permissions to this directory.

In the site health tool. I've added define('WP_TEMP_DIR', 'C:/Windows/Temp'); to wp_config.php to use the direct method and granted Modify, List Folder Contents, Read & Execute, Read, and Write to access 'IIS_IUSER' on the temp directory AND the site directory. Yet I'm still getting that message in the site health screen.

What am I missing?

Based on your comments, it looks like the application pool is configured to run as your user account, which is definitely wrong. You need to change its identity to a service account and make sure that account has the proper permissions to access the folder it requires.

You can run an application pool using an actual user account (a local or domain one), or you can use the built-in virtual account ApplicationPoolIdentity, which exists precisely for this purpose.

You can find the relevant documentation here: https://learn.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities