feat: avm/res/compute/disk-encryption-set - Extend cmk implementation to support managed HSM (#6190)

## Description

<!--
>Thank you for your contribution !
> Please include a summary of the change and which issue is fixed.
> Please also include the context.
> List any dependencies that are required for this change.

Fixes #123
Closes #123
-->

## Pipeline Reference

<!-- Insert your Pipeline Status Badge below -->

| Pipeline |
| -------- |
|
[![avm.res.compute.disk-encryption-set](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.compute.disk-encryption-set.yml/badge.svg?branch=users%2Feriqua%2Fdes-hsm&event=workflow_dispatch)](https://github.com/Azure/bicep-registry-modules/actions/workflows/avm.res.compute.disk-encryption-set.yml)
|


## Type of Change

<!-- Use the checkboxes [x] on the options that are relevant. -->

- Azure Verified Module updates:
- [ ] Bugfix containing backwards-compatible bug fixes, and I have NOT
bumped the MAJOR or MINOR version in `version.json`:
- [ ] Feature update backwards compatible feature updates, and I have
bumped the MINOR version in `version.json`.
- [x] Breaking changes and I have bumped the MAJOR version in
`version.json`.
  - [ ] Update to documentation
- [ ] Update to CI Environment or utilities (Non-module affecting
changes)

## Checklist

- [x] I'm sure there are no other open Pull Requests for the same
update/change
- [x] I have run `Set-AVMModule` locally to generate the supporting
module files.
- [x] My corresponding pipelines / checks run clean and green without
any errors or warnings
- [x] I have updated the module's CHANGELOG.md file with an entry for
the next version

<!-- Please keep up to date with the contribution guide at
https://aka.ms/avm/contribute/bicep -->

---------

Co-authored-by: Alexander Sehr <[email protected]>

Author: eriqua

avm/res/compute/disk-encryption-set/CHANGELOG.md

@@ -2,6 +2,18 @@
 
 The latest version of the changelog can be found [here](https://github.com/Azure/bicep-registry-modules/blob/main/avm/res/compute/disk-encryption-set/CHANGELOG.md).
 
+## 0.6.0
+
+### Changes
+
+- Added support for managed HSM customer-managed key encryption
+- Added `ConfidentialVmEncryptedWithCustomerKey` as `encryptionType` option
+
+### Breaking Changes
+
+- Key Vault permissions are now optional and controlled by the new parameter `enableKeyPermissions`, which defaults to `false`. To maintain the previous behavior after this breaking change, set `enableKeyPermissions = true` in your configuration.
+- The four input parameters (`keyVaultResourceId`, `keyName`, `keyVersion`, and `rotationToLatestKeyVersionEnabled`) have been replaced with a single `customerManagedKey` object, aligning with the AVM Customer-Managed-Key (CMK) interface.
+
 ## 0.5.0
 
 ### Changes