Anybody know if there’s a way to protect the Prisma client by specifying which operations to generate? For instance you don’t want to ever allow users to be deleted from a client that’s accessing Prisma?

That’s currently not possible. What’s the reason you want to hide it?

The idea would be that from a security perspective you don’t want to expose all of your database operations to every client.

I dont think you're supposed to expose prisma to any clients 🐼 only your backend

when I say client I mean AppServer or a lambda, not frontend

The app server is under your control and should not be accessible to users other than through a well defined API. If they can hack your server and make those kind of changes then you got bigger issues on your hands