Define a Service Control Policy which applies to the whole organization .. this SCP can be attached to Root Master Account?
SCP can be applied at the root level of the OU hierarchy, but SCP will not apply to the master/management account. "SCPs don’t affect users or roles in the management account. They affect only the member accounts in your organization." https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html