Azure VM Conversion from Platform to Customer Managed Keys

1. Create Key Vault

2. Create Key

3. Create Managed Identity

4. Add Key Crypto Service Encryption User to Managed Identity

5. Create Disk Encryption Set

6. Provide IAM role assignment as Key Vault Reader

7. Stop the VM or un-attach the data disk to change to SSE with CMK

8. Start the VM and test operation