Ensure Cosmos DB account is encrypted with customer-managed keys

Each Cosmos account is encrypted with service-managed keys (managed by Microsoft). Using customer-managed keys adds a second layer of encryption to your account.