According to the following AWS docs, WAF can also be deployed on API Gateway. The lecture probably needs to be updated.
You’re right the lecture is dated. From the documentation,
"AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AWS AppSync GraphQL API."