diff --git a/pkg/api/validate/dynamic/dynamic.go b/pkg/api/validate/dynamic/dynamic.go
index 1c3d603ac98..765c4574109 100644
--- a/pkg/api/validate/dynamic/dynamic.go
+++ b/pkg/api/validate/dynamic/dynamic.go
@@ -39,12 +39,17 @@ type Subnet struct {
 	Path string
 }
 
+type ServicePrincipalValidator interface {
+	ValidateServicePrincipal(ctx context.Context, clientID, clientSecret, tenantID string) error
+}
+
 // Dynamic validate in the operator context.
 type Dynamic interface {
+	ServicePrincipalValidator
+
 	ValidateVnet(ctx context.Context, location string, subnets []Subnet, additionalCIDRs ...string) error
 	ValidateSubnets(ctx context.Context, oc *api.OpenShiftCluster, subnets []Subnet) error
 	ValidateProviders(ctx context.Context) error
-	ValidateServicePrincipal(ctx context.Context, clientID, clientSecret, tenantID string) error
 	ValidateQuota(ctx context.Context, oc *api.OpenShiftCluster) error
 	ValidateDiskEncryptionSets(ctx context.Context, oc *api.OpenShiftCluster) error
 	ValidateEncryptionAtHost(ctx context.Context, oc *api.OpenShiftCluster) error
@@ -85,6 +90,14 @@ func NewValidator(log *logrus.Entry, env env.Interface, azEnv *azureclient.AROEn
 	}, nil
 }
 
+func NewServicePrincipalValidator(log *logrus.Entry, azEnv *azureclient.AROEnvironment, subscriptionID string, authorizerType AuthorizerType) (ServicePrincipalValidator, error) {
+	return &dynamic{
+		log:            log,
+		authorizerType: authorizerType,
+		azEnv:          azEnv,
+	}, nil
+}
+
 func (dv *dynamic) ValidateVnet(ctx context.Context, location string, subnets []Subnet, additionalCIDRs ...string) error {
 	if len(subnets) == 0 {
 		return fmt.Errorf("no subnets provided")
diff --git a/pkg/operator/controllers/checker/serviceprincipalchecker.go b/pkg/operator/controllers/checker/serviceprincipalchecker.go
index d015fc246dd..1e700a1cebb 100644
--- a/pkg/operator/controllers/checker/serviceprincipalchecker.go
+++ b/pkg/operator/controllers/checker/serviceprincipalchecker.go
@@ -79,7 +79,7 @@ func (r *ServicePrincipalChecker) Check(ctx context.Context) error {
 		updateFailedCondition(cond, err)
 	}
 
-	spDynamic, err := dynamic.NewValidator(r.log, nil, &azEnv, resource.SubscriptionID, nil, dynamic.AuthorizerClusterServicePrincipal)
+	spDynamic, err := dynamic.NewServicePrincipalValidator(r.log, &azEnv, resource.SubscriptionID, dynamic.AuthorizerClusterServicePrincipal)
 	if err != nil {
 		return err
 	}