Inside SharePoint online we can define limited access on UN-manged devices:-

but in our case we need to define limited access to certain users even if they access the sites from managed devices,, is this possible?
Second question , can we control this on per site basis also?