Hi,
There is no way to exempt a particular service principal from a policy assignment. That is the point of the policy assignment: to enforce for everyone. There are the options of exemption or exception. By using one of those + Azure RBAC, so that only specific accounts/groups have certain access, you can achieve that. Of course, that requires that other accounts/groups do not have that access in order to take advantage of the exception/exemption.
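The exemption-plus-RBAC approach described in the answer above, as an added Azure CLI example that is not part of the original answer. The exemption name, role, scope and IDs are hypothetical values supplied by the caller; the sketch assumes the exemption is placed on a scope (for example one resource group) that only the chosen service principal can write to.

```shell
#!/usr/bin/env bash
# Added example, not from the original answer. Scope, IDs, role and the
# exemption name are caller-supplied or hypothetical values.
AZ="${AZ:-az}"                                        # set AZ=echo to preview the commands
EXEMPTION_NAME="${EXEMPTION_NAME:-sp-scope-waiver}"   # hypothetical name

# exempt_scope_for_principal <scope> <policy-assignment-id> <sp-object-id> <role> <expires-on>
#   1. Exempts <scope> from the policy assignment (time-boxed waiver).
#   2. Grants the service principal a role on that same scope.
# An exemption covers the scope, not an identity: anyone who can write to
# <scope> benefits from it, so RBAC on the scope is what narrows the effect
# to the one principal.
exempt_scope_for_principal() {
  [ "$#" -eq 5 ] || {
    echo "usage: exempt_scope_for_principal <scope> <assignment-id> <sp-object-id> <role> <expires-on>" >&2
    return 2
  }
  local scope="$1" assignment="$2" sp_object_id="$3" role="$4" expires="$5"

  "$AZ" policy exemption create \
    --name "$EXEMPTION_NAME" \
    --policy-assignment "$assignment" \
    --exemption-category Waiver \
    --scope "$scope" \
    --expires-on "$expires" \
    --description "Scope reserved for one service principal; access limited via RBAC" \
    || return 1

  "$AZ" role assignment create \
    --assignee-object-id "$sp_object_id" \
    --assignee-principal-type ServicePrincipal \
    --role "$role" \
    --scope "$scope" \
    || return 1
}

# list_scope_access <scope>
# Review every direct and inherited role assignment on the exempted scope;
# any other principal listed with write access can also use the exemption.
list_scope_access() {
  "$AZ" role assignment list --scope "$1" --include-inherited --output table
}
```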