ElasticSearch security set up documentation is Byzantine

I am setting up a testing instance in house. Single node, with proof of concept reporting. Elastic, Kibana, Beats, using the free software only.

There is no indication that ElasticSearch is securable on the free license - the minimal set up requires xpack.security.enabled: true and X-Pack apparently expires after a 30 day trial?

Am I missing something or is ElasticSearch free in testing only. Any move to production requires a license?

TLS, Native Authentication and Authorization is all available with the Basic / Free Distribution, no subscription required.

You can absolutely run that in production.

See Here for the docs / overview.

Here is a walkthrough I wrote up of setting up a single node stack with a basic license.

If you want to do more sophisticated security like SAML, or document / field level security those do require a subscription.

See here for the features of Free / Basic as well as the other subscription levels.