This command revokes or reinstates all encryption keys for an encryption group on an EKM. When running this command, you specify one tenant. Keys are revoked/reinstated for all tenants that share the same encryption group as the specified tenant. The encryption group to which each tenant belongs is identified by an identifier called the encryption CRN. You can display the encryption CRN per tenant with the tenant list command.