Techniques are described for managing access to a repository system storing information (e.g. metadata) about objects (e.g. an application a process or a service) in a computing environment. The repository system can store a data structure (an “entity”) that includes information about an object. An entity can have an association with one or more collections of entities (“assets”) that classify a collection of entities. Access to perform actions (e.g. create read update or delete) an entity can be managed based on an entitlement which grants a right to access information in the entity and/or at least one asset having an association with the entity. The repository system can manage access to one or more entities based on rights implied by an entitlement to access one or more assets associated with those entities.