Disk Encryption Set ID Error when using Customer Managed Keys

[BillysCoolJob]

Hey gang! Running into an issue spinning up a managed disk from an image from Terraform.

Code:

resource "azurerm_managed_disk" "copy" {
  name = "TESTDISK"
  location = "eastus"
  resource_group_name = "TerraformDeploymentRG"
  storage_account_type = "Standard_LRS"
  create_option = "FromImage"
  gallery_image_reference_id = "IMAGE_ID"
  secure_vm_disk_encryption_set_id = "DISKENCRYPTIONSET_ID"
  security_type = "ConfidentialVM_DiskEncryptedWithCustomerKey"
}

Software Versions: Terraform 1.4.2 Terraform provider AzureRM 3.48.0

Error:

'ConfidentialVM_DiskEncryptedWithCustomerKey' is not supported by given image

Notes:

I have confirmed that I can manually create an managed disk with this image and then set the disk encryption set to the one that I want via the Azure Portal. However, it seems to not like it when I run this through Terraform. Is there something that needs to be done with the disk before creating the image in order for it to support a encryption with a customer managed key?

Reference documentation: https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/managed_disk