Merge pull request #87120 from mahelsay/patch-1

ktoliver · web-flow · commit 93f5a822150b · 2022-02-01T09:57:42.000-08:00
Conditional Access for Service Principal is already in public preview…
diff --git a/articles/active-directory/fundamentals/service-accounts-governing-azure.md b/articles/active-directory/fundamentals/service-accounts-governing-azure.md
@@ -20,7 +20,7 @@ ms.collection: M365-identity-device-management
 There are three types of service accounts in Azure Active Directory (Azure AD): [managed identities](service-accounts-managed-identities.md), [service principals](service-accounts-principal.md), and user accounts employed as service accounts. As you create these service accounts for automated use, they're granted permissions to access resources in Azure and Azure AD. Resources can include Microsoft 365 services, software as a service (SaaS) applications, custom applications, databases, HR systems, and so on. Governing Azure AD service accounts means that you manage their creation, permissions, and lifecycle to ensure security and continuity.
 
 > [!IMPORTANT] 
-> We do not recommend using user accounts as service accounts as they are inherently less secure. This includes on-premises service accounts that are synced to Azure AD, as they are  not converted to service principals. Instead, we recommend the use of managed identities or service principals. Note that at this time the use of conditional access policies is not possible with service principals, but the functionality is coming.
+> We do not recommend using user accounts as service accounts as they are inherently less secure. This includes on-premises service accounts that are synced to Azure AD, as they are  not converted to service principals. Instead, we recommend the use of managed identities or service principals. Note that at this time the use of conditional access policies with service principals is called Conditional Access for workload identities and it's in public preview.
 
 
 ## Plan your service account
