Hi there,
You seem to be looking at two different pieces - organizing your service using OpenAPI and ensuring policy is applied at each step. Hopefully, this answer will provide the necessary detail.
Yes, you can deploy your service plus all the APIs and policies through Terraform. However, you should rig your DevOps pipeline such that a new API revision or version is generated when (and only when) you change your OpenAPI specification. This will not apply policy to the new operation. For that reason, I generally recommend that you only use the OpenAPI specification for the initial import. After that, you will want to ensure the operations are secured properly and that policies are appropriately applied - something that importing an OpenAPI specification alone will not do.
When I use Terraform, each API has a .tf file. The .tf file creates the API, operations, and policies (together with any named values used within the API that are unique to the API). The Terraform plan/apply process will determine which APIs have been updated and apply the correct changes. Terraform files needs to be written - you cannot generate them from the service. Alternatives to this include ARM and Bicep. The DevOps Toolkit for API Management (which you can find on aka.ms/apimlove) provides a set of utilities that can copy an API Management service from a source service and generate ARM templates to apply to a destination service.
You cannot split a single base path between APIs. For example, placing GET /foo and PUT /foo in different APIs is not possible - these would be two separate operations on the same API (/foo).
Eventually, ARM, Bicep, and Terraform all end up executing APIs on the API Management REST API. As a result, what you can do in one can generally be done in the other, providing you are using the same API version (which, as of writing, is 2021-08-01). I do bump into limitations of the method (e.g. Terraform or ARM), but this is not because of a service limitation.