diff --git a/datasette_acl/__init__.py b/datasette_acl/__init__.py
index 7fbef42..27402ef 100644
--- a/datasette_acl/__init__.py
+++ b/datasette_acl/__init__.py
@@ -384,7 +384,9 @@ async def table_acls(request, datasette):
                             "operation_by": request.actor["id"],
                         },
                     )
-        datasette.add_message(request, f"Made changes: {repr(changes_made)}")
+        if changes_made:
+            message = generate_changes_message(changes_made)
+            datasette.add_message(request, message)
         return Response.redirect(request.path)
 
     return Response.html(
@@ -408,6 +410,18 @@ async def table_acls(request, datasette):
     )
 
 
+def generate_changes_message(changes_made):
+    messages = []
+    for action, changes in changes_made.items():
+        for group, permission in changes:
+            messages.append(f"{action} group '{group}' can {permission}")
+    if not messages:
+        return None
+    message = ", ".join(messages)
+    # Capitalize first letter
+    return message[0].upper() + message[1:]
+
+
 @hookimpl
 def register_permissions(datasette):
     return [
diff --git a/tests/test_acl.py b/tests/test_acl.py
index a6c6adc..7afa50b 100644
--- a/tests/test_acl.py
+++ b/tests/test_acl.py
@@ -224,3 +224,11 @@ async def test_permission_allowed():
             "operation": "added",
         },
     ]
+    # Let's check the message it set
+    messages = datasette.unsign(response2.cookies["ds_messages"], "messages")
+    assert messages == [
+        [
+            "Added group 'admin' can alter-table, removed group 'admin' can insert-row",
+            1,
+        ]
+    ]