There are two main reasons for this:
- We recommend customer avoid deploying workloads to the organization’s management account in general:
“Since privileged operations can be performed within an organization’s management account and SCPs do not apply to the management account, we recommend that you limit access to an organization’s management account. You should also limit the cloud resources and data contained in the management account to only those that must be managed in the management account.” from here
- As there are lambda function deployed in the account these could benefit from Compute Savings plans. This means that there could be higher savings missed in other accounts because they are used on the lambdas first:
“In a Consolidated Billing Family, Savings Plans are applied first to the owner account’s usage, and then to other accounts' usage. This occurs only if you have sharing enabled.” from Here