Your logic seems sound, but AWS doesn't support this.
Q. Can I use my authentication device with multiple AWS accounts?
No. The authentication device or mobile phone number is bound to an individual AWS identity (IAM user or root account). If you have a TOTP-compatible application installed on your smartphone, you can create multiple virtual MFA devices on the same smartphone. Each one of the virtual MFA devices is bound to a single identity, just like a hardware device. If you dissociate (deactivate) the authentication device, you can then reuse it with a different AWS identity. The authentication device cannot be used by more than one identity simultaneously.
A possible rationale for their policy can be found in this answer to "Is sharing the same TOTP across multiple servers less secure?".