Hi Dave,
Each environment variable must have a unique name, so either the variable will be sourced from key vault via reference or app service, depending on how you set it. Based on this I'm unsure what you are asking.
You could of course build your own abstraction that would do what you want. For example, you could have code that would check for existence of VARIABLENAME_OVERRIDE and if it exists use that instead of the default behavior.
-TP