}
	if len(buckets) != 2 || buckets[0].Name != "bucket1" || buckets[1].Name != "bucket2" {
		c.Fatalf("restricted STS account should only have access to bucket1 and bucket2")
	}

	// Try to escalate privileges
	restrictedAdmClient := s.getAdminClient(c, value.AccessKeyID, value.SecretAccessKey, value.SessionToken)
	_, err = restrictedAdmClient.AddServiceAccount(ctx, madmin.AddServiceAccountReq{
		AccessKey: "newroot",

        </field>
      </fields>
    </class>
    <class>
      <name>Contributor</name>
      <description>Description of a person who has contributed to the project, but who does not have
        commit privileges. Usually, these contributions come in the form of patches submitted.</description>
      <version>3.0.0+</version>
      <fields>
        <field>
          <name>name</name>
          <version>3.0.0+</version>

### Other notable changes

* rkt: Improve support for privileged pod (pod whose all containers are privileged)  ([#31286](https://github.com/kubernetes/kubernetes/pull/31286), [@yifan-gu](https://github.com/yifan-gu))

2. Review and delete any PodSecurityPolicy objects you do not want all pod-creating users to be able to use (NOTE: Privileged users that were making use of those policies will also lose access to those policies). For example:
  * `kubectl delete podsecuritypolicies/my-privileged-policy`
3. After upgrading to 1.5.5, re-create the exported PodSecurityPolicy objects:
  * `kubectl create -f psp.yaml`

## Downloads for v1.5.5