Advances in Infrastructure as Code Governance for Secure Terraform Based Enterprise Cloud Deployments
Abstract
Enterprises increasingly rely on Infrastructure as Code (IaC) to deliver scalable, repeatable, and auditable cloud environments, with Terraform emerging as a dominant provisioning framework. However, rapid adoption has exposed governance, security, and compliance gaps that traditional IT controls cannot adequately address. This study examines recent advances in Infrastructure as Code governance designed to strengthen secure Terraform-based enterprise cloud deployments. The paper synthesizes contemporary practices from DevSecOps, policy-as-code, and automated compliance to propose an integrated governance model that embeds security, risk management, and regulatory alignment directly into the provisioning lifecycle. Key contributions include a layered governance architecture combining standardized module registries, secure state management, and continuous policy enforcement using tools such as Open Policy Agent and Sentinel. The study highlights advances in secrets management, drift detection, supply chain integrity, and least-privilege identity design that reduce configuration vulnerabilities and privilege escalation risks. Emphasis is placed on automated security testing, threat modeling, and compliance validation within continuous integration and continuous delivery pipelines. Furthermore, the research evaluates governance metrics, maturity models, and organizational workflows that support cross-functional collaboration between security, platform engineering, and audit teams. A reference implementation demonstrates how policy-as-code, reusable blueprints, and real-time monitoring improve visibility, enforce guardrails, and accelerate compliant infrastructure delivery across multi-cloud environments. The findings indicate that effective IaC governance reduces misconfiguration incidents, shortens audit cycles, and strengthens enterprise resilience while preserving developer agility.
The proposed framework offers practical guidance for organizations seeking to operationalize secure and compliant Terraform practices at scale. By integrating governance with automated workflows, the research underscores the importance of continuous feedback, developer education, and executive sponsorship in sustaining long-term security outcomes. The study concludes that future directions should focus on AI-assisted policy generation, predictive risk analytics, and standardized interoperability across IaC ecosystems. These innovations will enable enterprises to transition from reactive compliance toward proactive, intelligence-driven governance capable of supporting rapidly evolving cloud architectures and regulatory landscapes worldwide. Overall, the research contributes a comprehensive roadmap for strengthening trust, transparency, and accountability in modern cloud infrastructure provisioning. The outcomes support secure innovation, operational efficiency, and consistent governance across globally distributed enterprise technology environments.
How to Cite This Article
Ijeoma Stephanie Mbonu, Uzoamaka Iwuanyanwu, Chime Aliliele, Esther Uzoka (2020). Advances in Infrastructure as Code Governance for Secure Terraform Based Enterprise Cloud Deployments. International Journal of Multidisciplinary Research and Growth Evaluation (IJMRGE), 1(5), 811-828. DOI: https://doi.org/10.54660/.IJMRGE.2020.1.5.811-828